Novell Home

Avoiding "Double Authentication" with Active Directory

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 23 Apr 2003
 

Here's a tip that comes in handy if you have SecureLogin on eDir, but the primary authentication is against AD. Normally you will need to re-enter your credential in NSL.

At this time, it is possible for the LDAP client to remember a user's LDAP Logon credentials in the registry so a user isn't prompted for their LDAP logon to SecureLogin every time.

  1. User Logs on to ADS
  2. User starts SecureLogin for the first time.
  3. They are asked for their Username and Password for LDAP
  4. Switch the registry setting to remember the LDAP logon credentials.
HKLocalMachine\Software\Protocom\SecureLogin\CacheLDAPCredentials
DWORD=1

or

HKCurrentUser\Software\Protocom\SecureLogin\CacheLDAPCredentials
DWORD=1

As usual HKCU overrides HKLM.

  1. They enter their username (including context) and password.
  2. SecureLogin stores their credentials, in an encrypted format, in the registry for the user.
  3. Every time they logon after that, it will use start automatically and not prompt a second time for their username and password.

A current limitation of this solution is that there is no contextless logon, so a user must know their context. With contextless logon, the system will search the network for the username and automatically populate the user's context so a user only needs to remember MMoehn rather than MMoehn.Zurich.Protocom for example.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell