Jump to content

FM Server LDAP ident


xgireaud
 Share

This topic is 5634 days old. Please don't post here. Open a new topic instead.

Recommended Posts

  • Newbies

Hi gurus

I have a pb to solve quickly:

Briefly:

At work, we have a Fm Server + advanced (Web publishing)

The users ident is done by ldap query (Server 2003)

No pbs, all works fine, from lan and WAn (Web companion)

Question:

Today, the fm server in set to query LDAP from domain A

How can I set FM Server to query another LDAP (Domain B for exemple)

Basically: is it possible to reach FM Databases from two differents domains ( A and :P with ident done by each domains ldap?

Thx gurus

Xavier

Link to comment
Share on other sites

What you're saying is that you're using FMS External Authentication against an Active Directory, right?

And you want to have users authenticate against an Active Directory of another domain? You'll need to create a trust relationship between the two domains for this to work. Make sure to read up on the types of trust relationships and their consequences before you go down this road.

But in short, yes it is possible to do this. You may need FMS8 for this though, I don't recall off hand if this worked in FMS7. It may in v2 or v3 but it certainly didn't in v1 of FMS7.

Link to comment
Share on other sites

  • Newbies

Wim Decorte

Tx very much for your anwser.

What you need to know:

I already user FM Server 8.0 v2

I already created a relationship between the two domains. (It's works fine)

yes, I need to use AD Ldap authentification instead of Internal FM Databases Accounts.

Yhe only thing for which Im not sure:

What type of relationship do i need to create ?

Unidirectionnal or birectionnal ?

Did you performed this identification for two domains successfully ?

I think that Im close to the solution

Thx for your help

Xavier

Link to comment
Share on other sites

I did make it work with a uni-directional relationship. It should work with a bi-directional too but I didn't want to try that. I was making a relationship between my test domain and my production domain so I did not want to cross-authenticate testers in my production AD.

Which one you need depends on your other functional requirements. Restrict it to the minimum to avoid opening loopholes that people can take advantage off.

Link to comment
Share on other sites

This topic is 5634 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.