cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Need to share some code when posting a question or reply? Make sure to use the "Insert code sample" menu option. Learn more! X

Need ability to authenticate Integrity users from multiple top level LDAP user domains

Need ability to authenticate Integrity users from multiple top level LDAP user domains

Status: Alternate Solution Submitted by 1-Newbie on ‎May 15, 2017 11:26 AM
7 Comments (7 New)

This would apply for

Active Directory

Novell eDirectory

others ...

See more ideas labeled with:
7 Comments
khoppe
14-Alexandrite
14-Alexandrite
‎Nov 14, 2017 11:02 AM
‎Nov 14, 2017 11:02 AM

This would also be great if in LDAP System is used like DirX which allows to have a Forest of LDAP Domains (per location) which are combined to one general for the company (which can't be used for placing requests).

 

Siddharth
9-Granite
9-Granite
‎Oct 08, 2018 04:27 AM
‎Oct 08, 2018 04:27 AM
Status changed to: New Idea

Have you considered using LDAP-referrals ?

If you're using it & faced any shortcoming, can you please describe the entire use for PTC ILM Security team to gather additional details ?

Siddharth
9-Granite
9-Granite
‎Nov 22, 2018 03:04 AM
‎Nov 22, 2018 03:04 AM

I have some more information to share in this regards.

There are couple of scenarios for setting up authentication over multiple LDAP domains in ILM.

 

  1. Subdomains (child-level domains) in the same LDAP forest (i.e. top-level domain) – which is supported by PTC
    i.e. ldap.host.1=sub.domain.com
          ldap.host.2=anothersub.domain.com
    Refer supported article at : https://www.ptc.com/en/support/article?n=CS117076&language=en&posno=3&q=user.dn.2&ProductFamily=Inte...

  2. Domains across multiple LDAP forests (i.e. multiple top-level domain) – which is not supported by PTC.
    However, some customers have been using Microsoft Active Directory Application Mode (ADAM) to address their authentication requirements.
    Refer supported documentation article at : https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc738377(v=ws....

I believe, scenario # 2 mentioned above matches with the requirement described in Idea.

BKroell
7-Bedrock
7-Bedrock
‎Nov 26, 2018 11:16 AM
‎Nov 26, 2018 11:16 AM

From ZF perspective this idea is outdated and it could be  closed.

 

Meanwhile we have a working multiple LDAP solution in place. This solution is based on the support article mentioned in the previous comment in scenario 1.

Siddharth
9-Granite
9-Granite
‎Jan 31, 2019 02:03 AM
‎Jan 31, 2019 02:03 AM

@BKroell Thanks for the confirmation.

I'm now closing this idea.

Siddharth
9-Granite
9-Granite
‎Jan 31, 2019 02:04 AM
‎Jan 31, 2019 02:04 AM
Status changed to: Alternate Solution
 
FH_9089421
3-Visitor
3-Visitor
‎Sep 27, 2021 11:39 PM
‎Sep 27, 2021 11:39 PM

Microsoft Global Catalogs used sid as an unique key in the different top level forest domains, we need Integrity RV&S support Global Catalog.