You are not logged in.
- Topics: Active | Unanswered
Announcement
Download last stable version of GLPI - What can you do for GLPI ? : Contribute
#1 2010-04-25 11:02:52
- Passero
- Member
- From: Rome
- Registered: 2007-10-12
- Posts: 22
LDAP auth in a particular case (Logon to restriction)
Hi,
I'm try to using LDAP authentication (Win2003 server) from GLPI 0.78 (Debian 5 not joined to the domain).
I get users and relative detail but I have a big problem because, in my domain, we use the "Logon to" parameter to "lock" an user to one specific workstation.
Consequently only users without "Logon to" restriction are able to access to GLPI.
I wondered if there is a way to solve my problem.
Thank you very much
Passero
Last edited by Passero (2010-04-30 15:29:58)
Offline
#2 2010-04-25 13:30:08
- wawa
- GLPI-DEV
- From: Montpellier / France
- Registered: 2006-07-03
- Posts: 6,019
- Website
Re: LDAP auth in a particular case (Logon to restriction)
hello
I don't know a solution for your problem
Offline
#3 2010-04-25 19:59:24
- Passero
- Member
- From: Rome
- Registered: 2007-10-12
- Posts: 22
Re: LDAP auth in a particular case (Logon to restriction)
Hi,
I did some other tests.....
I configure the voice "rootdn (for non anonymous binds) :" with an domain admin to be able to query AD and all works correctly.
So i wondered why, with this config, an user of domain needs to be allow to "logon to" the AD server in order to correctly login in GLPI?
Thank you!
Passero
Offline
#4 2010-04-28 18:26:24
- EmpereurZorg
- Member
- From: ORLEANS
- Registered: 2005-12-31
- Posts: 604
Re: LDAP auth in a particular case (Logon to restriction)
With this configuration, it's not the client computer which authenticate the user, but the apache server.
You must add this web server in all "Logon to" users parameters...
Version GLPI : 10.0.6 + Plug'in Glpi + Agent Fusion 2.4
Plateforme : Win Server 2019 , Apache 2.4, PHP 8.1
Offline
#5 2010-04-30 10:14:07
- Passero
- Member
- From: Rome
- Registered: 2007-10-12
- Posts: 22
Re: LDAP auth in a particular case (Logon to restriction)
Hi EmpereurZorg,
actually not, I tried to put the name of web server into "Logon to" users parameters but I got same results, user can't login and moreover the user account was delete from user table of GLPI and you must reactive it.
Instead, if you put the name of the DC server into "Logon to" users parameters all works correctly, in fact, according to the logs of DC all request looks like originated from the server itself!!
Passero
Offline