UNCLASSIFIED Has anyone using Windows authentication had "Smartcard required for logon" set? Setting "Smartcard required for logon" on the domain account changes the user's login name and scrambles the user's password, disassociating user and password completely. A user can only login to the domain using his/her CAC card. Our immediate fix was to set a Remedy password for Support Staff but ultimately want to return to using authentication.
Ideas? Sandra Hennigan OSD Remedy Administrator Office # 703-602-2525 x251 CACI - Ever Vigilant(tm) Apparently, there is nothing that cannot happen today. Mark Twain -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Baxter, Andrew Sent: Thursday, January 25, 2007 12:00 PM To: [email protected] Subject: Re: Login problems using AREA LDAP Authentication ** The UPN is the UserPrincipleName. This would look like [EMAIL PROTECTED] This is the preferred method of authentication with windows Active Directory and uses the Windows global catalog to determine user information. This is significantly faster than full LDAP as the Windows Global Catalog only contains a subset of information, but it also includes information on every account within your Active Directory forest so the prefix of a domain name is not required. If you Windows Active Directory DDNS is correctly configured you should not need anything else to authenticate users in your domain. I have just verified that creating a user with a samaccountname matching one in Active Directory works just fine without needing to configured AREA LDAP Authentication. Immediately after adding the account to Remedy I was able to logon using that account and the associated windows password. Thanks, Andrew Baxter From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of ARSList Sent: Thursday, January 25, 2007 11:27 AM To: [email protected] Subject: Re: Login problems using AREA LDAP Authentication I am interested to know what you mean by using UPN too. I have a similar situation. My User search filter within the AREA form has "samaccountname=$\USER$". We were having a External Authentication problem. We have since changed our HOST NAME to a specific IP address of a domain controller. It was set to the domain, now that is it getting more users, we tried a specific Domain controller by name. We still got problems. So now I changed it to a specific DC's IP address. The errors haven't come back yet. Thanks. __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ __20060125_______________________This posting was submitted with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
