Hi Joe,
Hi Joe let me confirm something from you. When you say that a
user who has a blank password I assume that the users password is not stored
in AR Server people form or user form. Only his login name is. When he
enters his user name and password to login to the user tool or midtier the
password he enters gets authenticated with the LDAP and he gets access. If
that is the case when I am importing data to the people form in the login
tab I can see "xxxxx" in the password field which beats be because I am not
importing any password and hence it should show blank instead of "xxxxx". Do
I need to change any settings in password management form??
Thanks
Sivarama
On Tue, Jul 29, 2008 at 12:03 PM, Joe DeSouza <[EMAIL PROTECTED]> wrote:
> **
> Sivarama,
>
>
>
> I think you have a slight shroud of your understanding of how the LDAP
> integration works.
>
>
>
> No you do not need to import any passwords from LDAP to the ARS. The
> password is not communicated by the LDAP server to the AR Server, rather the
> response after validation is.. This means that when a user that has a blank
> password logs into an AR Server that is setup for LDAP authentication, the
> request for authentication is sent from the ARS to the LDAP server, and if
> the LDAP server validates the credentials to be valid, the user gets
> authenticated to Remedy.
>
>
>
> IF the password for the user is not blank in Remedy, then there is no
> request for authentication sent to the LDAP server, and the authentication
> happens locally..
>
>
>
> Hope this helps..
>
>
>
> Joe
>
>
> ----- Original Message ----
> From: sivarama velicheti <[EMAIL PROTECTED]>
> To: arslist@ARSLIST.ORG
> Sent: Tuesday, July 29, 2008 2:50:04 PM
> Subject: Re: Authentication from LDAP
>
> ** Hi Lisa,
>
> In the external authentication TAB are both the options i)
> authenticate - unregistered users and ii) Cross refernce blank password
> selected? I have external authentication plugin server program number as :
> 390695. One more thing in the configuration TAB what are the check boxes
> selected. I have enabled just i) allow unqualified searches and ii) enable
> multiple assign groups.
>
> Thanks
> Sivarama
>
> On Tue, Jul 29, 2008 at 11:11 AM, Lisa Westerfield <
> [EMAIL PROTECTED]> wrote:
>
>> **
>>
>> In our current implementation we are also multi-tenant, and we do not
>> store passwords in ARS. We are authenticating externally, and our
>> authentication chaining mode is ARS-Area.
>>
>>
>>
>> Hope that helps.
>>
>>
>>
>> *From:* Action Request System discussion list(ARSList) [mailto:
>> [EMAIL PROTECTED] *On Behalf Of *sivarama velicheti
>> *Sent:* Tuesday, July 29, 2008 12:02 PM
>> *To:* arslist@ARSLIST.ORG
>> *Subject:* Authentication from LDAP
>>
>>
>>
>> **
>>
>>
>> Hi,
>>
>> I have a question regarding LDAP pertaining to AR Server 7.1. I
>> have read in the guides somewhere that unless both the user name and
>> password are stored in the local AR Server, the users are not considered
>> registered users. In Multi-tenancy guest users are not allowed (and we have
>> multi-tenancy turned on). I want to know what are my options. Do I have to
>> import the password as well. I don't think its doable because LDAP would be
>> encrypting them and even if I do import them AR Server needs to know how to
>> decrypt them. Is my analogy of the situation right? if so what can I do. If
>> not please correct me.
>>
>> --
>>
>> Sivarama
>>
>> __Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
>> html___
>>
>> <http://www.bmc.com/userworld/>
>>
>> TuringSMI is a Platinum Sponsor of both BMC UserWorld Events
>>
>> *Email Disclaimer*
>> This email has been sent from the TuringSMI Group
>>
>> This message is subject to and does not create or vary any contractual
>> relationship between TuringSMI, SMI Technologies, SMI Telco, its
>> subsidiaries or affiliates and you. Internet communications are not secure
>> and therefore the TuringSMI Group does not accept any legal responsibility
>> for the contents of this message. Any views or opinions expressed are those
>> of the author. This message is intended for the addressee(s) only and its
>> contents and any attached files are strictly confidential. If you have
>> received it in error, please contact the sender on the number above.
>>
>
> __Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
> html___
>
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
