1 Reply Latest reply on Feb 9, 2016 3:20 PM by typhoon87

    Disconnecting LDAP

    redlitnig

      We were wondering what would happen to all the existing clients/customers/users in our WebHelpDesk data base if we turn off the LDAP connection.  We discovered that our organization's policies will not allow us to run multiple authentication platforms when we make our db forward facing.

      So we are moving our application to a DMZ and just plan on moving forward with manually created accounts.

      We are thinking, if we disconnect the LDAP, that the existing accounts will remain the same.  Just when they need to reset their password, they will have to do it manually and not count on our domain services to automatically update the password change.

       

      Making any sense?

        • Re: Disconnecting LDAP
          typhoon87

          So the users would be able to log In for the Cache Time Period that is set up in the individual LDAP connection. The issue would be I don't think they would just auto "convert" to local accounts for password reset the user would not be able to log in until the next sync with AD. You would likely be recreating all of the user accounts, and since there is not a supported template import from csv for users it would be by hand. If there are a lot of users good luck to you. You would also likely lose the clients ticket history.

           

          My question would be how is this a multiple authentication platform? You are using the same credentials as AD so its all one platform. If you mean that the users get prompted a second time for autntentication would it not be easier to set up SSO?