RE: Antw: Turbine + NT login/Active DirectoryAs far as connecting to AD is concerned you should really use Ldap for authentication.
An Ldap backend is where one has an Ldap server/service running, instead of a database, for authenticating users and storing user data. /Colin ----- Original Message ----- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 05, 2002 3:38 AM Subject: RE: Antw: Turbine + NT login/Active Directory My Network users want least of all to remember a new password and account for applications on the network. As it is, passwords change every 60 days on the Domain. I am just starting Win2K Server Deployment. Active Directory is a data base, but I am not clear to date what DBMS that is. I have a "Turbine" application running on a Linux box and MYSQL as the DB. Can Turbine connect to MYSQL and the "AD" database at the same time via JDBC. Can you explain to me what the Ldap backend service is? Donald Duquaine Analyst / Network Administrator STL Tampa (813) 885-7427 [EMAIL PROTECTED] -----Original Message----- From: Eric Dobbs [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 8:45 PM To: Turbine Users List Subject: Re: Antw: Turbine + NT login/Active Directory On Monday, March 4, 2002, at 09:53 AM, Colin Chalmers wrote: > 1. How does the group see Ldap fitting into Turbine as a whole and the > security in particular? The main application we would use at work would be authentication. Could be as minimal as login password, first and last names. Many of our clients want to be able to reuse their existing Active Directory, or other authentication service. As opposed to maintaining duplicate sets of users and their credentials. > 2. Should it be possible to use both a database & Ldap backend at the > same > time? Yes. In our application, we would need to be able to put extended user information into our database. We would authenticate against the LDAP server and we'd keep a UserProfile table in the database to store data that's not in the existing LDAP server. I haven't given this a lot of thought, but I think this might imply storing the roles and permissions in the database. For our use case, I would like to assume that the client will grant our application only read access. > 3. Should we look into pooling for Ldap access? Not sure if that's > possible > with JNDI. but Netscape has an api where's it's (Pool) already built in. no opinion here. I don't know enough about LDAP administration to know if pooling is necessary or possible. > 4. Should we look at integrating Ldap Objects into Criteria similiar > to > how > a query is built up when using a database? This will be necessary in order to make an LDAP implementation of the SecurityService. But I think Criteria is pretty biased towards database queries. Thanks for looking into it. -Eric -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> ------------------------------------------------------------------------------ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
