pefoley2
commented
8 years ago So, should this be an alternative to master password that tries a simple bind w/ the supplied creds? I assume we'd want a hard-coded list of valid usernames for this?
Closed jwoglom closed 6 years ago
pefoley2
commented
8 years ago So, should this be an alternative to master password that tries a simple bind w/ the supplied creds? I assume we'd want a hard-coded list of valid usernames for this?
jwoglom
commented
8 years ago This was to allow the eighth period office user, before it was in Kerberos, to log in. Don't believe there are any other non-krb accounts that I know of, so this is on hold for now.
On Tue, Mar 1, 2016, 1:28 PM Peter Foley notifications@github.com wrote:
So, should this be an alternative to master password that tries a simple bind w/ the supplied creds? I assume we'd want a hard-coded list of valid usernames for this?
— Reply to this email directly or view it on GitHub https://github.com/tjcsl/ion/issues/105#issuecomment-190843083.
The eighthoffice account formerly did not exist in Kerberos, making login impossible in Ion. In Iodine, login only required using an LDAP simple bind for users such as eighthoffice. While adding users to Kerberos is an option, allowing authorization for specific users without it allows them to login when our Kerberos infrastructure is down and we should consider adding this functionality back in the future.