Avoiding "Double Authentication" with Active Directory
Novell Cool Solutions: Tip
Digg This -
Posted: 23 Apr 2003
Here's a tip that comes in handy if you have SecureLogin on eDir, but the primary authentication is against AD. Normally you will need to re-enter your credential in NSL.
At this time, it is possible for the LDAP client to remember a user's LDAP Logon credentials in the registry so a user isn't prompted for their LDAP logon to SecureLogin every time.
- User Logs on to ADS
- User starts SecureLogin for the first time.
- They are asked for their Username and Password for LDAP
- Switch the registry setting to remember the LDAP logon credentials.
As usual HKCU overrides HKLM.
- They enter their username (including context) and password.
- SecureLogin stores their credentials, in an encrypted format, in the registry for the user.
- Every time they logon after that, it will use start automatically and not prompt a second time for their username and password.
A current limitation of this solution is that there is no contextless logon, so a user must know their context. With contextless logon, the system will search the network for the username and automatically populate the user's context so a user only needs to remember MMoehn rather than MMoehn.Zurich.Protocom for example.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com