On Thu, 15 Feb 2007 14:48:52 -0800, Wheeler, Dylan <[EMAIL PROTECTED]> wrote:
>From what I've done before, you fill out the AREA LDAP, Check the box >for Cross Ref Blank Passwords and clear out the password from all user >records. This should see that the user has no password and use the AREA >record to authenticate the user right? >What happens is: >I try to login and it will let me login with my AD password. Great >If I login with no password it will still let me login. huh? Dylan, Do you have an entry for Authentication-Chaining-Mode: in your ar.conf? If so, please note the comments below from the config guide; This parameter enables the administrator to use more than one type of authentication on the same system. The values for Authentication-Chaining- Mode are as follows: 0Use the default behavior as in releases prior to 6.3. 1Use internal authentication as the primary method; then use external authentication via the AREA plug-in as the secondary method. 2Use external authentication via the AREA plug-in as the primary method; then use internal authentication as the secondary method. If the Authentication-Chaining-Mode is set to a value of 1 or 2, the Authenticate-Unregistered-Users parameter will be ignored. If the Crossref-Blank-Password parameter is enabled, and Authentication- Chaining-Mode is set to a value of 1 or 2, users who have a blank password in their User record will be permitted to log in to the system without a password (that is, a NULL password). Mark _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
