> On Aug 14, 2020, at 2:06 PM, John Tumminaro <[email protected]> wrote: > > Hello All, I'm new to the mailing list. >
Hello John, welcome! > I think I understand that Apache Fortress works with any underlying LDAP V3 > server. > I believe the Microsoft Active Directory Server supports LDAP V3. > > I think I remember hearing that Apache Fortress will indeed work > with Microsoft Active Directory Server for all RBAC > functionality...except...the Apache Fortress auditing capability will not > work. > > Do I have my facts right? > Yes, it’s possible but there are a few problems. 1. As you pointed out, no audit trail. 2. Password policies won’t be checked. 3. Requires adding custom schema elements to the server which is sometimes hard to get approved. 4. Requires read/write access to the directory which is hard to get approved. Despite these problems it’s something that we’d be willing to support. It might require some minor changes to the core, to workaround AD anomalies. The approach would be to run the junit tests against an AD instance and fix the problems until the tests run without errors. Do you have access to an AD instance? > Thanks, > > John --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
