Skip navigation
John_Shaft
John_Shaft
Currently Being Moderated

LDAP Integration and Password Authentification

Mar 15, 2007 7:51 AM

Hi,

I have got a Connect Enterprise Server up and running. Now I configured the LDAP Connection to import the User and Groups from our Windows Server 2003 Active Directory Services. Now after this import the imported useraccounts don't have an initial password.

It looks like there are three ways to go on with the password authentification which is explained in the install guide.

1. Do nothing, means I set up a Authentification Proxy to do the user/password check for a Single-Sign-On
2. send an email to all users to change/set their password
3. set the password to an existing LDAP field value

It seems to me that it is not possible to check the password "realtime" (live at the login) against the real LDAP password without setting up a proxy or any other authentification instance. Or is this wrong? I don't need a Single-Sign-On, I just wan't the Users Windows Password to be also their Adobe Connect Password.

We are using another software in our company which exactly do this. You can also import the user account (external users) so you must not create it manualy. Now, when you login, the software check if your useraccount exists in the LDAP, and when this check is true the password will be chekced too. Otherwise the useraccount will be checked against the user and password entries in the local database (internal users). If these checks fail the user is a guest or the login will be rejected.

Is it possible to configure the Adobe Connect Server as well?

Thx
11454 Views   57 Replies   Latest reply: Vincent Toesca, Oct 3, 2010 9:27 AM
 
Replies 1 2 Previous Next
  • rbschuv
    Currently Being Moderated
    1. rbschuv,
    Mar 16, 2007 1:42 AM   in reply to John_Shaft
    Report
    Hi John,

    There is no way Connect can retreive your user's AD passwords. In your case the best would probably be to set up NTLM authentication. If a user is authenticated on your AD and the account has been imported in the Connect database, the user get automatically logged in. Then you only need to set passwords for users who need a Connect account but have no AD account.

    An other solution is HTTP header authentication, but in this case you need your own authentication mechanism.

    HTH

    vincent
     
    |
    Mark as:
  • * T *
    Currently Being Moderated
    2. * T *,
    Mar 16, 2007 5:01 AM   in reply to rbschuv
    Report
    Actually, talk to your Adobe rep about a BSA that will authenticate users real-time against an LDAP. I'm not over-familiar with it, but I know it exists.
     
    |
    Mark as:
  • John_Shaft
    Currently Being Moderated
    3. John_Shaft,
    Mar 16, 2007 6:14 AM   in reply to John_Shaft
    Report
    Thanks for your reply.

    I found a homepage of a company named Intesolv, here the link:
    http://www.intesolv.com/solutions/cp/connect/ConnectServices.asp#LDAP

    Perhaps the part "Real-time User Authentication with your Active Directory or other LDAP." is what you mean *T*?

    Could you be please more detailed? What is BSA? And do you have any web links i can read about it?

    Thx in advance
     
    |
    Mark as:
  • John_Shaft
    Currently Being Moderated
    4. John_Shaft,
    Mar 16, 2007 6:23 AM   in reply to rbschuv
    Report
    Hi rbschuv,

    I think the problem will be, that you must use IE to use NTLM authentifivation but nearly 80% of my company is using Firefox instead, because we have no "restrictions" that the users have to use IE. So this authentification method would only work for little part of our users.

    I think the real-time AD or LDAP authentification is no problem that a developer could not resolve, but actually there was no need for this type of authentification like this, I think. Perhaps an official feature request will work ;-)

    I'll wait until monday and speak to my Adobe responsible person, perhaps he knows something about BSA

    Thx.
     
    |
    Mark as:
  • * T *
    Currently Being Moderated
    5. * T *,
    Mar 16, 2007 1:19 PM   in reply to John_Shaft
    Report
    Sorry, BSA=Breeze Solution Accelerator.
     
    |
    Mark as:
  • UseBreeze
    Currently Being Moderated
    6. UseBreeze,
    Mar 20, 2007 10:22 AM   in reply to John_Shaft
    Report
    rbschuv - We have used NTLM authentication for the past year or so and our biggest problem with it is authentication doesn't always work - users are frequently prompted to login into Breeze. This causes many problems.

    The work arounds we use are: 1. have them close all their browser windows and try again, or 2. reset their password via the "forgot you password" link, so they can login via the Breeze login screen.

    Has anyone seen or heard of this issue? Is there a fix?

    Thanks!
     
    |
    Mark as:
  • John_Shaft
    Currently Being Moderated
    7. John_Shaft,
    Mar 21, 2007 12:11 AM   in reply to John_Shaft
    Report
    Hello together,

    I think I've got a solution for my Real-Time-LDAP-Password-Check. T was right there is a BSA package, which exectly do this but it is not available through the website or any download.

    For this you don't need a NTLM Server running or a reverse proxy for user authentication. It simply checks over the LDAP port to your LDAP server and
    returns if the login is granted through the LDAP password ior not.

    Yesterday I spoke to a Breeze dev. and he sent me these scripts. He said they will be already implemented into the next Breeze version but will also work with Breeze 6.

    When some is interested in this solution please send me pm with your email adress and I will send the zip file to you.

    Regards,
    Andreas
     
    |
    Mark as:
  • rbschuv
    Currently Being Moderated
    8. rbschuv,
    Mar 21, 2007 2:24 AM   in reply to UseBreeze
    Report
    Hi UseBreeze,

    We have the same problem here. Sometimes NTLM doesn't work and we need to restart the browser. We want to avoid having users to set local passwords because it is one more password to manage which is not in sync with th AD one and they get confused . I actually took out the link "forgot your password" on the login page.

    The solution John Shaft talks about seems to be the solution. I'll investigate it.

    vincent
     
    |
    Mark as:
  • agtdino
    Currently Being Moderated
    9. agtdino,
    Feb 22, 2008 1:04 PM   in reply to John_Shaft
    Report
    Hi,


    I trying to implemente into my AConnect real-time LDAP autentication, and have all somethings problems that say here in this forum. Can someone provide the script's for realtime LDAP autentication with AConnect? Any help would be apreciated.

    Thank's and regards
     
    |
    Mark as:
  • A.Petri
    Currently Being Moderated
    10. A.Petri,
    Feb 24, 2008 11:15 PM   in reply to agtdino
    Report
    Hi dino,

    when you give me you mail adress I will send you the ldap authenticator.

    Regards,
    Andreas
     
    |
    Mark as:
  • TLT_Engineer
    Currently Being Moderated
    11. TLT_Engineer,
    Mar 10, 2008 3:24 PM   in reply to John_Shaft
    Report
    Hello A.Petri,

    Would it be possible to send me the LDAP authenticator as well? I have been searching for this solution for some time. I sent a private message to you with my email address. Thank you.

    Regards,
    Stanley
     
    |
    Mark as:
  • FSL_DiGi
    Currently Being Moderated
    12. FSL_DiGi,
    Mar 14, 2008 7:55 AM   in reply to John_Shaft
    Report
    what is Breeze Solution Accelerator?
     
    |
    Mark as:
  • TLT_Engineer
    Currently Being Moderated
    13. TLT_Engineer,
    Mar 14, 2008 1:53 PM   in reply to John_Shaft
    Report
    Anyone have the LDAP Authenticator BSA, or know where I can download it? Thanks.

    Breeze Solutions Accelerators are sample code and documentation to help you integrate Breeze functionality with your directory services, intranet applications, and portal pages using standards such as such as XML, ColdFusion, .NET, and J2EE.

    I cut and pasted this from Adobe's site:
    http://www.adobe.com/devnet/acrobatconnect/articles/solution_accel_dow nloads.html

    Regards,
    Stanley

     
    |
    Mark as:
  • kirkhowell
    Currently Being Moderated
    14. kirkhowell,
    Mar 29, 2008 12:41 AM   in reply to John_Shaft
    Report
    good to know
     
    |
    Mark as:
  • Maldivas_11
    Currently Being Moderated
    15. Maldivas_11,
    Apr 1, 2008 3:26 AM   in reply to John_Shaft
    Report
    Dear Andreas:
    I have read that:
    Hello together,

    I think I've got a solution for my Real-Time-LDAP-Password-Check. T was right there is a BSA package, which exectly do this but it is not available through the website or any download.

    For this you don't need a NTLM Server running or a reverse proxy for user authentication. It simply checks over the LDAP port to your LDAP server and
    returns if the login is granted through the LDAP password ior not.

    Yesterday I spoke to a Breeze dev. and he sent me these scripts. He said they will be already implemented into the next Breeze version but will also work with Breeze 6.

    When some is interested in this solution please send me pm with your email adress and I will send the zip file to you.

    Regards,
    Andreas

    We are an spanish company specilized in developing PDF forms and other type of applications and also involved with Adobe, specially in Connect.
    I will appreciate if you can send me the zip file to solve the LDAP question.
    My email is desireem@nartexsoft.com.
    Thanks in advance.
    Desirée
     
    |
    Mark as:
  • Maldivas_11
    Currently Being Moderated
    16. Maldivas_11,
    Apr 1, 2008 3:26 AM   in reply to John_Shaft
    Report
    Dear Andreas:
    I have read that:
    Hello together,

    I think I've got a solution for my Real-Time-LDAP-Password-Check. T was right there is a BSA package, which exectly do this but it is not available through the website or any download.

    For this you don't need a NTLM Server running or a reverse proxy for user authentication. It simply checks over the LDAP port to your LDAP server and
    returns if the login is granted through the LDAP password ior not.

    Yesterday I spoke to a Breeze dev. and he sent me these scripts. He said they will be already implemented into the next Breeze version but will also work with Breeze 6.

    When some is interested in this solution please send me pm with your email adress and I will send the zip file to you.

    Regards,
    Andreas

    We are an spanish company specilized in developing PDF forms and other type of applications and also involved with Adobe, specially in Connect.
    I will appreciate if you can send me the zip file to solve the LDAP question.
    My email is desireem@nartexsoft.com.
    Thanks in advance.
    Desirée
     
    |
    Mark as:
  • jpadron_uy
    Currently Being Moderated
    17. jpadron_uy,
    Apr 3, 2008 8:27 AM   in reply to John_Shaft
    Report
    Hi John

    I happen exactly the same problem, I need Real-Time User Authentication with your Active Directory to my Adobe Connect.

    I have been looking for information on the matter, and always came to the same thing, that there is a file named "connect_ldap_authenticator.jar" or "breeze_ext_ldap.jar" that does this, but no one said where or as a get.

    I saw your post, and has been able to solve the problem.

    Could you please help me?

    My email is jpadron_uy@msn.com

    Thank you!
    Greetings.
     
    |
    Mark as:
  • Roberto_Seara
    Currently Being Moderated
    18. Roberto_Seara,
    Apr 14, 2008 11:05 PM   in reply to John_Shaft
    Report
    Hello John
    I'm looking for this file that you mentioned to solve the psw authentication.
    Could you help me?
    My email is roberto@classroom.com.br
    Thank you!
    Greetings.
     
    |
    Mark as:
  • peppies
    Currently Being Moderated
    19. peppies,
    May 3, 2008 1:21 PM   in reply to John_Shaft
    Report
    Wonderful, this seems to have fixed my problem as well.

    Thanks
    Best
     
    |
    Mark as:
  • Adam Jan
    Currently Being Moderated
    20. Adam Jan,
    May 17, 2008 10:46 AM   in reply to peppies
    Report
    If i was you i would talk about this with a networking expert, as it seems to me a really big networking issue.
     
    |
    Mark as:
  • drutter
    Currently Being Moderated
    21. drutter,
    May 25, 2008 1:58 AM   in reply to John_Shaft
    Report
    Could someone post the files for the
    'Real-Time-LDAP-Password-Check.'
    that Andreas refers to above, thanks.

    In particular the file connect_ldap_authenticator.jar
    which is described in the following adobe article: http://kb.adobe.com/selfservice/viewContent.do?externalId=kb401076&sli ceId=1
    The article mentions that it can be downloaded but doesn't say from where.

    Thanks
    David Rutter
     
    |
    Mark as:
  • Andreas Petri
    Currently Being Moderated
    22. Andreas Petri,
    May 27, 2008 12:44 AM   in reply to drutter
    Report
    Hi together,

    I will get these files today!!!

    Can someone provide me a webspace where I can put these files for everyone still interested in?! Perhaps someone has a public connect session URL with a fileshare-pod?

    *EDIT1* You can also post your mail adress here so I can send the little zip file to you. /*EDIT1*
    *EDIT2* I have the files now./*EDIT2*

    Cheers,
    Andreas

     
    |
    Mark as:
  • gent44
    Currently Being Moderated
    23. gent44,
    Jun 9, 2008 1:30 AM   in reply to John_Shaft
    Report
    It fixed my problem thanks
     
    |
    Mark as:
  • dbdrag
    Currently Being Moderated
    24. dbdrag,
    Jun 10, 2008 5:25 AM   in reply to John_Shaft
    Report
    i was looking for this solution only.thanks for awesome help an support adobe:)
     
    |
    Mark as:
  • robertinno
    Currently Being Moderated
    25. robertinno,
    Jun 11, 2008 6:55 AM   in reply to John_Shaft
    Report
    Thank you for this topic. It is help me to resolve my problem too.
     
    |
    Mark as:
  • forexsystemprofi
    Currently Being Moderated
    26. forexsystemprofi,
    Jun 12, 2008 5:21 AM   in reply to robertinno
    Report
    It was realy helpfull!
     
    |
    Mark as:
  • tomellos
    Currently Being Moderated
    27. tomellos,
    Jun 17, 2008 5:25 AM   in reply to John_Shaft
    Report
    Hi Andreas, I need these files, sent you a PM with RS account where you can put these files or please send this to vertedera[at]gmail.com.

    Thanks in advance mate.
    Regards.

    Tomelloso
    Comercial

     
    |
    Mark as:
  • fxstrategy
    Currently Being Moderated
    28. fxstrategy,
    Jun 18, 2008 9:29 AM   in reply to John_Shaft
    Report
    Would it be possible to send me the LDAP authenticator as well?
     
    |
    Mark as:
  • tomillar
    Currently Being Moderated
    29. tomillar,
    Jun 18, 2008 10:46 AM   in reply to John_Shaft
    Report
    Thanks for useful info, this give me the solution to my problem. Thanks for share.
    Diseño
     
    |
    Mark as:
  • Andreas Petri
    Currently Being Moderated
    30. Andreas Petri,
    Jun 18, 2008 11:48 PM   in reply to fxstrategy
    Report
    quote:
    Originally posted by: fxstrategy
    Would it be possible to send me the LDAP authenticator as well?


    Sure, just write your email adress in here and I will send you the zip file.

    Cheers,
    Andreas
     
    |
    Mark as:
  • SLP_Trading_Group
    Currently Being Moderated
    31. SLP_Trading_Group,
    Jun 20, 2008 2:22 AM   in reply to John_Shaft
    Report
    It's working now! thanks
     
    |
    Mark as:
  • Roberto_Seara
    Currently Being Moderated
    32. Roberto_Seara,
    Jun 30, 2008 10:10 PM   in reply to John_Shaft
    Report
    Hello Andreas Petri,
    Thank you for your help!
    This files fix the problems and now the integration works fine.
     
    |
    Mark as:
  • ruidera
    Currently Being Moderated
    33. ruidera,
    Jul 2, 2008 8:36 AM   in reply to John_Shaft
    Report
    Please, I have the same problem. Can some send me this file to solve the problem? Please send to gomatico[at]yahoo.com. Thanks.


    Arte y artistas
     
    |
    Mark as:
  • Andreas Petri
    Currently Being Moderated
    34. Andreas Petri,
    Jul 7, 2008 3:45 AM   in reply to ruidera
    Report
    Hi ruidera,

    I have had some problems sending you the package to the mail adress mentioned in you post. I tried it several times but I get always the same error message from your mail provider.
    Please check it or tell me a different adress to send the package to you.

    Cheers,
    Andreas
     
    |
    Mark as:
  • adobegator
    Currently Being Moderated
    35. adobegator,
    Jul 15, 2008 7:50 AM   in reply to John_Shaft
    Report
    Is it possible to configure the Adobe Connect Server as well?

    Yes it is possible. i can't write all steps. but look around on adobe, you will get guide.
     
    |
    Mark as:
  • chsajid11
    Currently Being Moderated
    36. chsajid11,
    Jul 21, 2008 12:21 AM   in reply to John_Shaft
    Report
    may be yes or may be not. when you import , some file missing. but i am not sure about which files.
     
    |
    Mark as:
  • johngfcare
    Currently Being Moderated
    37. johngfcare,
    Jul 21, 2008 6:38 AM   in reply to John_Shaft
    Report
    thank you so much Andreas Petri
     
    |
    Mark as:
  • 3dparty
    Currently Being Moderated
    38. 3dparty,
    Jul 26, 2008 4:49 PM   in reply to John_Shaft
    Report
    Please explain, what is Breeze Solution Accelerator?
     
    |
    Mark as:
  • webpro2k
    Currently Being Moderated
    39. webpro2k,
    Aug 12, 2008 2:00 AM   in reply to 3dparty
    Report
    Anyone know where to I look for Adobe Graphics Forum?
     
    |
    Mark as:
1 2 Previous Next
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)