aythenticating accross domain trusts with LDAP

Discussion in 'Active Directory' started by vanderkerkoff, May 17, 2007.

  1. hello everyone

    we've got a website that checks our AD using LDAP for a username password
    pair, and if it get's a match, you go into the website to do things as you

    we've overtaken another university and they have their own AD

    is it possible to set up a trust between these two active directories, so
    that a user from the new domain can login to the website using their security
    details from their AD?

    any help or advice, or directions to reading matter would be greatly
    appreciated
     
    vanderkerkoff, May 17, 2007
    #1
    1. Advertisements

  2. vanderkerkoff

    Jorge Silva Guest

    Hi
    If you use a trust you can assign permissions to that web server to pp or
    security groups from that trusted forest.
    You can be very granular with that, for example you can use a trust with
    selective authentication and allow only access to these web servers.
    Of course you should test that and validate that with the Development Team.
    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, May 17, 2007
    #2
    1. Advertisements

  3. Hi Jorge, thanks for replying.

    I think you're getting the wrong end of the stick here.

    I can't assign permissions to the web server, we're not accessing the server
    like that.

    The web server is a Linux box which is running django, the question relates
    to accessing the LDAP directory of the AD from the web server.

    Users access the server via HTTP and then the server asks the AD via LDAP
    for a password username match. So assigning permissions to the web server
    would have no effect, as far as I can see, but I dont' know.

    I'm looking into accessing both Active Directories one after each other now,
    that way I don't need a trust setup. At least i dont think I do anyway ;-)

    Thanks again Jorge, if I've read your solution incorrectly please put me
    right.

    matt
     
    vanderkerkoff, May 18, 2007
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.