ldap authentication in multforest domain?
From: Jims (biz_at_neocasa.net)
Date: 02/25/04
- Next message: James Ervin: "Re: choosing Kerberos encryption algorithms/Kerberos logging on XP"
- Previous message: Jims: "Re: Unix/Linux Kerberos authentication to AD 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Feb 2004 13:45:57 -0500
In a forest with multiple domains, what is the recommended strategy for ldap
consuming applications to bind to the forest for user information? For
instance, a non windows application authenticates a user by using their
application login credentials to perform a simple bind to a domain
controller and if successful grant the user access to the application. The
problem is that users are spread out on several domains within the forest
and an ldap search to a dc in one domain may or may not be sufficient
because the user might be in another domain in the forest. What is the best
practice here? Can ldap be used to bind to a global catalog server in order
to assure all users in the forest are represented?
Jim
- Next message: James Ervin: "Re: choosing Kerberos encryption algorithms/Kerberos logging on XP"
- Previous message: Jims: "Re: Unix/Linux Kerberos authentication to AD 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
