mixed mode authentication
Posted: Thu Jan 27, 2011 11:08 am
Hi All,
I'm trying to set up TM1 to allow connection by either the built in admin account or by LDAP authentication.
I'm not looking at Integrated login or anything, it's ok that the users have to enter an ID/Password when Logging in.
So I have set IntegratedSecurityMode=2 in the CFG file as the manual says:
"When you install the TM1 server, the IntegratedSecurityMode parameter is set to 2. This is mixed mode, which allows you to login to TM1 using either standard TM1 security or LDAP security. "
I've already run ETLDAP and imported some users into TM1, I've bounced the services etc and can login with the admin account but not the LDAP one.
I try setting PasswordSource=LDAP and I can login using the LDAP and not the TM1 account
I try setting PasswordSource=TM1 and I can login with the TM1 account but not the LDAP one.
I suppose this is obvious but what I can't understand is what you put in the CFG file to allow you to use either the TM1 or LDAP account?
So I try putting both values on the same line and splitting with a comma or semi-colon:
PasswordSource=LDAP;TM1
and it won't let me log in with my LDAP account but will with the TM1 account, you would have thought it would have been the other way round given the order or the password source values.
So I am a bit flummoxed, I really need to be able to login with both, I don't need to use integrated security or get windows to match my LDAP login with my windows account or use kerebos or anything I just need to get IntegratedSecurityMode=2 to allow me to use both login methods- has anyone managed this? or am I misunderstanding the TM1 manual?
Cheers
I'm trying to set up TM1 to allow connection by either the built in admin account or by LDAP authentication.
I'm not looking at Integrated login or anything, it's ok that the users have to enter an ID/Password when Logging in.
So I have set IntegratedSecurityMode=2 in the CFG file as the manual says:
"When you install the TM1 server, the IntegratedSecurityMode parameter is set to 2. This is mixed mode, which allows you to login to TM1 using either standard TM1 security or LDAP security. "
I've already run ETLDAP and imported some users into TM1, I've bounced the services etc and can login with the admin account but not the LDAP one.
I try setting PasswordSource=LDAP and I can login using the LDAP and not the TM1 account
I try setting PasswordSource=TM1 and I can login with the TM1 account but not the LDAP one.
I suppose this is obvious but what I can't understand is what you put in the CFG file to allow you to use either the TM1 or LDAP account?
So I try putting both values on the same line and splitting with a comma or semi-colon:
PasswordSource=LDAP;TM1
and it won't let me log in with my LDAP account but will with the TM1 account, you would have thought it would have been the other way round given the order or the password source values.
So I am a bit flummoxed, I really need to be able to login with both, I don't need to use integrated security or get windows to match my LDAP login with my windows account or use kerebos or anything I just need to get IntegratedSecurityMode=2 to allow me to use both login methods- has anyone managed this? or am I misunderstanding the TM1 manual?
Cheers
