1 Topic by phils

  • phils
  • Member
  • Offline
  • From: Sydney, Australia
  • Registered: 2007-08-15
  • Posts: 322

Topic: Active Directory and LDAP

Context: a large school campus using NION for scheduling (among other things), with concerns about controlling user access (I'm not sure why they're having trouble with standard user accounts).
Question:

When will it connect to LDAP or AD??

Not being a network administrator, I'm not sure what Lightweight Directory Access Protocol will give them, but am raising the question.

Any comments welcome.
Thanks

"The single biggest problem in communication is the illusion that it has taken place."
                                                                                        - George Bernard Shaw

2 Reply by cwa

  • cwa
  • cwa
  • Peavey Technical Director
  • Offline
  • From: Boulder, Colorado USA
  • Registered: 2007-08-13
  • Posts: 193

Re: Active Directory and LDAP

My understanding is LDAP and AD are for controlling access to files on servers.  The NION  (and nControl) provide this through FTP which doessupport access control.  There are a lot of these standards out there, I don't think we'll be adding more.  Can the customer provide a compelling case for it?

3 Reply by mpfletcher

  • mpfletcher
  • AV Engineer
  • Offline
  • From: Signal Solutions
  • Registered: 2008-12-30
  • Posts: 24

Re: Active Directory and LDAP

I would love to see LDAP integration. LDAP does a lot more than control file access on servers. It is used to provide a unified user name and password to login to multiple accounts and services and also provide special permissions for certain users on the network.
For instance, at work I login to AD to get onto my computer. That same login gets me into my email. Let's say that the company's spam filter flagged a message addressed to me. The spam quarantine server holds the message and sends me a notice. To view the quarantined message, I go to a website and login with my same AD credentials. The box authenticates me to the domain controller using LDAP. Similarly, LDAP tells our web filters that I may have more or less access to website than others.
Sorry for the long lead in, but my point is that it would make nWare administration a breeze in stadium, school and theme park environments if the sys admin could just allow certain permissions to AD accounts. Also, it increases security because the password would automatically change every time the user changes their AD password (90 to 180 days in most cases) and the account would be locked as soon the AD account is locked. Bottom line: no re –deployments to modify or remove system access and better password security/management.

mpfletcher's Website