David wrote
I am currently building an intranet utilising Zope/Plone and plan on authenticating users via LDAP (ldapuserfolder). However I am now expected to implement a "single sign on" system for the company which currently uses NT domains to authenticate users.
Has anybody had any experience in this? I'm beginning to think that it may be "easier" (short term at least) to just authenticate people via NT domain and drop the ldap. I will be very grateful for any advice.
I had serious troubles trying to authenticate zope to an Active Directory (NT-domain), because it's not completly LDAP. It was relatively easy to use Radius (which is also supported by NT, but might require some additional software on the NT domain server). I used Apache 1.3.x in front of Zope. The user was both authenticated by Apache and Zope. Pieter