This repository has been archived by the owner on Jan 15, 2019. It is now read-only.
[dev.icinga.com #1294] New auth provider parameter: auth_strip_domain #342
Labels
Comments
|
Updated by jmosshammer on 2011-04-14 07:45:44 +00:00
Applied in changeset 496f612. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This issue has been migrated from Redmine: https://dev.icinga.com/issues/1294
Created by tgelf on 2011-03-17 10:35:12 +00:00
Assignee: (none)
Status: Resolved (closed on 2011-04-14 07:45:44 +00:00)
Target Version: (none)
Last Update: 2011-04-14 07:45:44 +00:00 (in Redmine)
I had to combine HTTP-Basic Auth (Kerberos with AD) with LDAP Lookups (to let Icinga nonetheless retrieve full names and email addresses) - there the domain part of the username has been an issue for me.
Especially AD environments grown over time can provide you with different upper/lowercase styles for usernames in your Kerberos tickets (e.g. user@domain VS user@DOMAIN). And usernames in your LDAP tree are easier to be searched for if you either strip the domain or convert it to a valid LDAP name.
However, most of the times an option named "auth_strip_domain" would help you to avoid struggling with such details. The attached patch does so, it would be great if you could add this feature to Icinga-Web.
Regards,
Thomas Gelf
Attachments
Changesets
2011-04-14 06:13:59 +00:00 by jmosshammer 496f612
The text was updated successfully, but these errors were encountered: