Joseph L. Casale writes:
Hi!
> I have been hunting for a while for a LAMP based CMS that offloads *all* user
> and
> cms group perms to an Active Directory site. I see midgard even has SSO Kerb
> based
> support (cool). Can it map all its group permissions to the AD site as well,
> so if
> I make an AD Security Group called Midgard-{Users,Publishers,Managers} etc,
> it would
> map AD users accordingly? The goal would be to not maintain any user/group
> config
> inside the cms except the initial associations for what AD group has what
> internal
> perms. Writing back to AD is not required.
You could use Trusted Midgard auth type and then could make NTLM or
Kerberos authentication.
Basically, Trusted auth _trusts_ any authentication which is done
separately.
But this will require to sync users' logins.
Thor generation (1.8 series) has built in support to create users on the
fly in the background, optimized for Shiboleth auth. Unfortunately it's
not ported to Ragnaroek (8.09 series).
Piotras
_______________________________________________
user mailing list
[email protected]
http://lists.midgard-project.org/mailman/listinfo/user
