Thanks for the feedback, Jeff. From my experience with LDAP, synchronization seems to fail from time to time. When I set up an intranet server using WordPress, I found it convenient to install an LDAP plugin to auto-populate staff users. It worked beautifully, but then occasionally staff would report incorrect password and they'd have to request a reset in WordPress. I ended up deactivating the plugin. It served its purpose.
Whether it makes a difference or not, I wasn't using Active Directory but eDirectory. As for Evergreen authentication anomalies between AD and LDAP, we have some staff who, despite a password reset every 90 days, can still log in using their original password. Other staff can log in using both their old and new password. Clearly, something's amiss. John Lolis Coordinator of Computer Systems 100 Martine Avenue White Plains, NY 10601 tel: 1.914.422.1497 fax: 1.914.422.1452 https://whiteplainslibrary.org/ *When you think about it, *all* security is ultimately security by ignorance.* On Wed, 17 Feb 2021 at 11:29, Jeff Davis <[email protected]> wrote: > On 2021-02-15 1:41 p.m., Lolis, John wrote: > > Also, do any of you have a tie-in between Evergreen and Active Directory > > via LDAP in order to maintain credentials? If so, have you run across > > any reliability issues with doing that? > > We have a few libraries that authenticate against Active Directory using > an LDAP authentication proxy. It has its limitations, but I don't > recall ever hearing about any issues with the service. I would consider > it very reliable. > -- > Jeff Davis > BC Libraries Cooperative > _______________________________________________ > Evergreen-general mailing list > [email protected] > http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-general >
_______________________________________________ Evergreen-general mailing list [email protected] http://list.evergreen-ils.org/cgi-bin/mailman/listinfo/evergreen-general
