Misagh, Thank you for your response. I've given our network administrator the port #'s and protocols for CAS and the different resources it needs to connect to (Desire2Learn, Active Directory, Luminis LDAP, AdvisorTrac, etc.), but he is requesting to know "which systems need access to which other systems via which protocols"? I thought I had given him the systems when listing them as: CAS, Desire2Learn, AdvisorTrac, Active Directory, Luminis LDAP, etc. but he mentioned an RODC (Read Only Domain Controller) and said he needed to know those kinds of systems. I couldn't find anything like that on the Desire2Learn technical packet of information or the others. They just mentioned needing to connect to the LDAP. Could you by chance give me some pointers on this?
Thank you, Constance From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Tuesday, April 16, 2013 8:05 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] CAS setup question CAS has the ability to connect to an account store, or multiple account stores for that matter in the way its authentication managers and handlers dictate to find and authenticate users. If you have more than one, such that accounts for instance are spread across an active directory server, another ldap server, a database, etc you potentially have to specify all of them in the CAS configuration, or find a way to merge and harmonize these stores into one cohesive unit. Additionally, if you have applications that are perhaps hosted on the cloud or somehow maintain their own account stores (such as Blackboard) in the way that ids are different from what you know and what the app knows, there will need to be a mapping defined between your account store and the app and a lookup step to find and locate the corresponding userid for the app. There's no "requirement" for ldaps, although it is certainly recommended. From: Constance Morris [mailto:cmor...@daltonstate.edu] Sent: Monday, April 15, 2013 1:33 PM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE:[cas-user] CAS setup question Also, when setting up network connections why would there be a need for LDAP-over-SSL connection? From: Constance Morris [mailto:cmor...@daltonstate.edu] Sent: Monday, April 15, 2013 4:19 PM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: [cas-user] CAS setup question We are running Luminis 4 portal and currently have active directory (AD) setup for authentication. I'm in the process of creating a CAS server and do not completely understand the connection with everything. Does the CAS server still have to connect to the LDAP in addition to then connecting to active directory for users to SSO, or can it connect just to active directory and the other resources (D2L, AdvisorTrac, etc.)? Thank you! Constance -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: cmor...@daltonstate.edu<mailto:cmor...@daltonstate.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net<mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: cmor...@daltonstate.edu<mailto:cmor...@daltonstate.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
