LDAP Logon without domain.
-
KnightWare
- Posts: 139
- Joined: Sat Feb 10, 2018 12:56 am
LDAP Logon without domain.
Has anyone using LDAP for login been able to do it without the domain preface? Can you intercept with a rule to Prepend it? I don't wish my users to have to type DOMAIN\USERID.
Re: LDAP Logon without domain.
i went back to one of my old system to try and get you an answer.
We purchased the LDAP module, but were never really ready to pull the trigger.
1) One annoying thing is that we were going to use Automatic login - since all users would already be logged in to the domain/network.
But this has to be done only using IE, and they were not going to force everyone to do that.
2) But, when using the automatic login (directlogin.aw i think) then it just took them in and they don't have to preface their id - but you probably know that.
3) So, you also have to have a non-direct login page where you manually enter LoginName. when I went back to this system, it brought up the "saved" values in the LoginName field and it had BOTH "Jaymer" and "XXUSA\Jaymer" - so I can't tell. I tried to alter the Login Options to go back to using LDAP but then I couldn't login at all and spent 15 mins trying to get in - the system wouldn't generate the "m_LDAPSETTINGS" file so I couldn't get anywhere. Had to revert to non-LDAP logins. Been over a year.
wish I could help.
jaymer...
We purchased the LDAP module, but were never really ready to pull the trigger.
1) One annoying thing is that we were going to use Automatic login - since all users would already be logged in to the domain/network.
But this has to be done only using IE, and they were not going to force everyone to do that.
2) But, when using the automatic login (directlogin.aw i think) then it just took them in and they don't have to preface their id - but you probably know that.
3) So, you also have to have a non-direct login page where you manually enter LoginName. when I went back to this system, it brought up the "saved" values in the LoginName field and it had BOTH "Jaymer" and "XXUSA\Jaymer" - so I can't tell. I tried to alter the Login Options to go back to using LDAP but then I couldn't login at all and spent 15 mins trying to get in - the system wouldn't generate the "m_LDAPSETTINGS" file so I couldn't get anywhere. Had to revert to non-LDAP logins. Been over a year.
wish I could help.
jaymer...
Click Here to see a collection of my tips & hacks on this forum. Or search for "JaymerTip" in the search bar at the top.
Jaymer
Aware Programming & Consulting - Tampa FL
Jaymer
Aware Programming & Consulting - Tampa FL
-
KnightWare
- Posts: 139
- Joined: Sat Feb 10, 2018 12:56 am
Re: LDAP Logon without domain.
At least you confirmed this as an issue, and I'm doing the same leg work you already performed. Kind of a bummer as it was an integral part of the app as to why it was chosen. I understand LDAP is complicated, but this should not be. I can use LDAP OK, just need to type in the domain, not user friendly. My last attempt was a rule on the user object was created, but now figure that's created After the fact.
Re: LDAP Logon without domain.
well, i'm not trying to confirm that anythings "a problem" - I just cant get in at the moment.
one thing that might help is watching the server and/or tomcat log.
you can see it contacting LDAP and replies.
On mine, I noticed it definitely didn't like the backslash.
If I tried XXUSA\Jaymer, it said illegal character "J" or something similar, like the \ was a traditional escape character. I thought that was odd since there's always a backslash in those paths.
Just wondering, whats wrong with using the AutoLogin/"direct" feature - that way this is a moot issue?
jaymer...
one thing that might help is watching the server and/or tomcat log.
you can see it contacting LDAP and replies.
On mine, I noticed it definitely didn't like the backslash.
If I tried XXUSA\Jaymer, it said illegal character "J" or something similar, like the \ was a traditional escape character. I thought that was odd since there's always a backslash in those paths.
Just wondering, whats wrong with using the AutoLogin/"direct" feature - that way this is a moot issue?
jaymer...
Click Here to see a collection of my tips & hacks on this forum. Or search for "JaymerTip" in the search bar at the top.
Jaymer
Aware Programming & Consulting - Tampa FL
Jaymer
Aware Programming & Consulting - Tampa FL
-
KnightWare
- Posts: 139
- Joined: Sat Feb 10, 2018 12:56 am
Re: LDAP Logon without domain.
Auto Login Direct seems to work. When I do use domain, the "\" does not seem to be a problem. When direct, the log doesn't really state the user credentials, just the picked presentation. I do however see user in Status bar. Still very new to this.