On Thu, 14 May 2009, Amos Jeffries wrote:
> What can be done is to glean some details such as machine IP and do some
> local not-quite-auth testing on it to see who is logged in and get their
> username back (NP: not password). AD may be able to map IP to current
> user. This has to be done in the background with an external_acl_type
> helper. It's called out-of-band authorization.
Are there any docs or howtos around on this? We use authentication one one
subnet, but it's a bit of a pain. We're not really that concerned to
require people to remember passwords, we just want to work out who the user
is with a reasonable level of accuracy. Authenticated proxies seem to
break various clients so if out-of-band might be an interesting
alternative.
Gavin
Received on Sat May 16 2009 - 11:52:23 MDT
This archive was generated by hypermail 2.2.0 : Sun May 17 2009 - 12:00:01 MDT