3 comments

Add a comment…

Sign in

prestine

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

• 
• 

UserVoice password

Forgot password?

Create a password

Your name

I agree to the terms of service

Signed in as (Sign out)

Close

Close

Post comment Submitting...

• ehofstede commented  ·  April 30, 2013 12:44 p.m.  ·  Flag as inappropriateFlag as inappropriate  ·  Delete

  Just to keep your UTM "clean"...

• Ramon Lustrati commented  ·  February 25, 2011 12:40 a.m.  ·  Flag as inappropriateFlag as inappropriate  ·  Delete

  This would be a great feature and should be easy to implement, because the astaro is reaching the ldap on a easy way

• Gert Hansen commented  ·  March 28, 2010 12:27 p.m.  ·  Flag as inappropriateFlag as inappropriate  ·  Delete

  The current design requires to create a shadow account of the user from the active directory. The reason for this is, that we create a cert/key pair for this user automatically on the fly which is needed for additional authentication and this information can not be stored in the AD as Astaro never writes to the AD.

  But we do NOT store the password of the user in this cached user account. we only cache it for 15min (i think). This means if the disable the account in the AD or remove it from the group, he will NOT be able to log in anymore after 15min, as we do the password authentication against the AD then. If he still can, it is a bug.

  regards
  Gert