Active Directory Authentication with NConf

So I had to help someone else with getting NConf working with Active Directory LDAP on a Windows Domain, If you don’t understand the difference between DistinguishedName and sAMAccountName, then you will have some issues.

Currently NConf will only use a DN for successful authentication and authorization (2 steps to getting access to NConf). This means you can’t use your Active Directory username, but instead your DistinguishedName.

If you review the NConf Auth by Active Directory instructions and correctly configure all the options. Using an DistinguishedName of a valid Active Directory account for the username will result in a successful login. Versus using the Active Directory sAMAccountName which is typical the “username” we have all come accustomed to using.

Please note, when specifying the “AD_BASE_DN” as DOMAIN\<username>. You may find success in authenticating, but you won’t have authorization to access NConf. This is due to the memberof logic used in NConf, which fails due to an incorrect Bind DN being provided. It looks like NConf needs to build on the Active Directory integration.


Did you like this article?


0 Shares:
You May Also Like

FOSS Advertising Network Ad Bard

Ad Bard is a free advertising community for FOSS oriented websites and advertisers. A snippet from their about page
The Ad Bard Network aims to foster a friendly and useful advertising community for FOSS oriented websites and advertisers. As a fellow Ad Bard, you will help to ensure that the advertisements in our network remain useful, relevant, and non-obnoxious. Ad Bard members earn 80% of the price-per-click each time an advertisement is clicked on your website. Our advertising community is entirely built with free and open source software, with all involved algorithms and schemas freely available for public scrutiny.
Definitely a neat and good way for FOSS websites to generate revenue aside from donations. Ad Bard Website
Read More

Bug Clean up for QuickPwn

Not too long after releasing and updated PwnageTool and Quickpwn, the iphone-dev.org team has released an update to QuickPwn.
We’ve had some issues with iPod touch devices and the latest version of PwnageTool for the Mac, in certain conditions incorrect permissions will be used and the keychain doesn’t save passwords. So hold on and wait for the next release, we’ll push out the updated version via Sparkle as soon as it is tested (it is being tested right now).
Read More

Microsoft changes mind, agrees to fix IE’s URI handler

Microsoft agrees to release a patch to fix some of the security issues but not all in Internet Explorers URI Handler. I don't understand why Microsoft has such a lazy stance on security, I want to use Internet Explorer just as securely as any other browser. One mis-typed url after a fresh install of Windows could cause malicious software to gain entry to me desktop.
Microsoft changes mind, agrees to fix IE's URI handler - Microsoft has stated that they will be releasing a patch to fix some, but not all, potential security flaws resulting from third-party applications being fed maliciously malformed URI requests.Read More...
Read More