Thanks, Misagh, much appreciated. It sounds like this will work quite well for us. Most of our web apps rely on LDAP authentication. Regarding architecture, hope you don't mind a couple of other questions:
1. How many servers are in your CAS environment (presuming you recommend an HA environment) - e.g. 1 web server (Tomcat?) + 2 HA CAS ticketing servers 2. Do you recommend RHEL for OS? Our user environment is about 12,000 (2,000 staff + 10,000 students) so I am trying to architect the CAS to support that. -Hank On Thursday, August 11, 2016 at 4:45:43 PM UTC-4, Misagh Moayyed wrote: > If you mean CAS is going to provide you with an LDAP server, the answer is > no. AFAIK, that has never been the case. If you mean you wish to > authenticate via AD/LDAP and get access to your portal and other > CAS-protected apps, then it’s quite simple. Since the dawn of time, CAS has > supported LDAP/AD authentication. 90% of the deployments use that method of > authentication. > > -- > Misagh > From: Hank Foss <[email protected]> <javascript:> > Reply: Hank Foss <[email protected]> <javascript:> > Date: August 11, 2016 at 1:38:35 PM > To: CAS Community <[email protected]> <javascript:> > Subject: [cas-user] New to CAS, new to Apereo > > > > Hello, > > I'm brand new to CAS and Apereo, and am asking the best way to begin. We > are migrating our CAS from the cloud to on-premise as a cost savings > measure. This will likely save us $60+k annually, as the vendor is also > provides our portal. > > The externally hosted portal contains LDAP as well as CAS links. I > understand CAS 5 comes out this fall (October?) which offers LDAP support, > so I am on the fence a bit more. Since AD authentication drives many of our > authentication, I have been told that we will either need to use ADFS or > Shibboleth. The goal for this to be live is December of this year, so > there are learning curve, architecture, installation and customization > components of this project that all come into play. > > I built the Linux box, most current version of CentOS, but I believe being > an open source application that the support of at least the OS should > actually be a licensed RHEL instance. > > I'm technical, but this is uncharted territory so suggestions, comments, > and criticism are all greatly welcome. > > > Thanks, > CAS-Newbie > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To post to this group, send email to [email protected] <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > > > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
