M
Michael Jacobs
Guest
In theory moving your Authentication AppServer to Linux and continue to use AD would require: Finding a 3rd party 'bridge' that provides transparent AD access to the OS's security configuration located in /etc/nsswitch.conf Defining and using Client-Principals in your Authentication AppServer Using Domains in your Authentication AppServer configuration that uses the _oslocal [authentication] system type Returning the sealed Client-Principal to the clients so they can use it to set the DB/audit user-ids The stumbling point has been when the 3rd party bridge product does not fully conform to the OS's local account's use of the passwd field for account state designation, such as 'locked', 'expired', etc. The _oslocal system type currently enforces these OS specific local account security settings and does not have options that allow 3rd party software that does not conform. Mike J. From: Riverside Software bounce-rssw@community.progress.com Reply-To: " TU.OE.General@community.progress.com " TU.OE.General@community.progress.com Date: Thursday, March 12, 2015 at 5:46 AM To: " TU.OE.General@community.progress.com " TU.OE.General@community.progress.com Subject: [Technical Users - OE General] AD Authentication AD Authentication Thread created by Riverside Software Hi, I've browsed some threads on AD Authentication, and would like to know what is the current status of AD Authentication on 11.5. We currently have an Authentication AppServer on Windows (10.2B, no client-principal), and as part of a platform change, we'd like to move this Appserver to Linux, and work with client-principal. Is it possible to authenticate against MS Active Directory from Linux ? Thanks Stop receiving emails on this subject. Flag this post as spam/abuse.
Continue reading...
Continue reading...