[Zope] RE: NT User Folder
Ava
ava@dde974.equipement.gouv.fr
Thu, 6 Jan 2000 13:51:31 +0400
> I have a question in regards to your
> jcNTUserFolder..........how can set the
> folder to authenticate to a remote Domain Controller?
When a user identify himself as USERNAME, it is considered to be
DEFAULTNTDOMAIN\USERNAME.
So I you want to authenticate users on a different domain than the local
domain, you have to change the Default NT Domain to the remote domain. I
suppose that your server have to be part of the domain.
Unfortunately, you have then to create each remote user in the 'domain
users' tab **in order to be able to give them roles**. If those users are to
be anonymous, you needn't create them in the tab.
Also, a user can log as DOMAIN\USERNAME to authenticate as USERNAME on
DOMAIN.
My product is currently designed to be run *on* a Domain Controller (primary
or backup) to be able to enumerate all the users of the domain.
Perhaps in a future version it will be able to enumerate users on a distant
server???
> In addition, when I use your product....the local Domain Name
> it sees is "NT Authority"
This is normal because you run Zope as a service. I noticed that the users
are authenticated the right way nevertheless. So it shouldn't be a problem.
If you are in doubt, change the default nt domain
> When I run the win32api.GetDomainName in the PythonWin I would get the
> correct Domain.
Pythonwin is not run as a service... :-)
> What can I do to change this?
It shouldn't be a problem. users should be authenticated the right way. If
you have problems, I am interested to hear about them.
PS: I hope to write some docs very soon. I apologize to release a product
without any docs. As usual, the source is to be read to understand how the
product work :-)
Regards,
Jephte CLAIN
minf7@educ.univ-reunion.fr