Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Logon Workstation and LDAP

Status
Not open for further replies.

dgoldb1

IS-IT--Management
Aug 3, 2006
4
US
At my organization we have restricted workstation logon rights to only the user's personal workstation for security reasons. We recently installed a linux web server that uses LDAP to authenticate with Active Directory. The only way this works correctly is if the users have log on to rights to the domain controller in addition to their personal workstations. Does restricting log on to rights through active directory kill the use of LDAP for authentication? Would allowing log on to rights to a DC be a security issue? The users would not be able to actually log in to the DC because they are not a local admin.

Thanks.
 
I'm not sure if I understand what you're trying to do. Are you saying that your user can only login to their personal workstation locally and not through the domain controller? The way I understand it is, if the user does not have rights/permission to login to a workstation via active directory authentication, your web application will not be able to authenticate its user through active directory either. I don't know how anyone can bypass that when the user has no rights/permission in the domain controller to start with.

If I misunderstood your situation, please elaborate.
 
If your users are part of the domain users group then yes, it will work.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top