[Deploying Sakai] LDAP Integration Step by Step Guide

Grossman,John E john.grossman at mdanderson.org
Mon Sep 28 07:32:58 PDT 2009 

Steve - We recently set up LDAP in 2.6.0 using your instructions. However, we find that we do need to create the user accounts in Sakai by entering a user id. Otherwise, the LDAP authentication fails. Is there a setting that eliminates the need to do this?

We also have a related concern. Users can edit their account settings and create weak passwords in Sakai. Since Sakai allows authentication to fall through from LDAP to application-managed authentication, the users can then authenticate with these weak passwords. Do you have any suggestions for

1.       preventing LDAP-authenticated users from authenticating with internal Sakai passwords

2.       enforcing strong passwords for those users who don't have LDAP entries?

John


From: production-bounces at collab.sakaiproject.org [mailto:production-bounces at collab.sakaiproject.org] On Behalf Of Steve Swinsburg
Sent: Friday, September 25, 2009 8:07 AM
To: organic.ishtiaq at gmail.com
Cc: production at collab.sakaiproject.org; sakai-dev at collab.sakaiproject.org
Subject: Re: [Deploying Sakai] LDAP Integration Step by Step Guide

Delete the user from your Sakai instance or use another user in LDAP that doesn't have a record in Sakai. With LDAP you don't need to create the user accounts in Sakai, all of their info will come from LDAP.

cheers,
Steve



On 25/09/2009, at 10:36 PM, Ishtiaq Ahmad wrote:


Hi,
thanks for a nice document, I have followed all the steps mentioned in this document. But my SAKAI 2.5.4 is not authenticating from LDAP....
Steps:
I have a user in sakai and in LDAP: 0056
Password in sakai: 1234
Password in LDAP: 0056

Login Successful using sakai password but fail using ldap password...


Please tell me if any other configuration...or how can i trace whether sakai is using my specified ldap...?

Regards,
Ishtiaq Ahmad
On Fri, Sep 25, 2009 at 3:39 PM, Steve Swinsburg <steve.swinsburg at gmail.com<mailto:steve.swinsburg at gmail.com>> wrote:
Hi,

Here's one I prepared earlier:

http://confluence.sakaiproject.org/display/~steve.swinsburg/LDAP+in<http://confluence.sakaiproject.org/display/%7Esteve.swinsburg/LDAP+in>+Sakai+2.5

cheers,
Steve


On 25/09/2009, at 8:18 PM, Ishtiaq Ahmad wrote:
Need a step by step guide for integrating Sakai with LDAP in 2.5.x.



--
Regards,
Ishtiaq Ahmad




--
Regards,
Ishtiaq Ahmad

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20090928/4136cc90/attachment.html

More information about the production mailing list