Results 1 to 5 of 5

Thread: Single Sign on

  1. #1
    Join Date
    Mar 2008
    Posts
    4
    Rep Power
    7

    Default Single Sign on

    Hello folks,

    I am trying to do a major migration (75.000 users/mailboxes)from exchange to zimbra but the pilot has to be succesfull.

    My biggest concern now is single sign on with kerberos.

    our network is based on active directory and an opensource authentication server with a trust to the windows domain. Both authentication servers are based on kerberos version 5.

    I have searched the forums the wiki's and the official documentation but i cannot find a satisfying answer to my question.

    Does zimbra do single sign on to the web portals? Does zimbra do single sign on from the desktop and does it do single sign on from outlook/evolution?

    If it does can someone point me to some documentation which i probably have missed.

    With kind regards,

    William

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Welcome to the forums.

    The documentation you're looking for is Preauth, it's in the wiki here: Preauth - Zimbra :: Wiki
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Mar 2008
    Posts
    4
    Rep Power
    7

    Default

    that is something but i already have a kerberos setup wich works fine.

    i hoped that zimbra could use kerberos tickets with a keytab file so i wouldn't have to do something special like the preauth keys and stuff.

    Are there no other possibilities?

    With kind regards

  4. #4
    Join Date
    Mar 2008
    Posts
    4
    Rep Power
    7

    Default

    Well i have looked to the preauth thing but thats not what i wanna do/mean.

    I have i few web apps who do single sign on right now.

    The browsers do support spnego/gss-api which provides a challenge response authentication. I have setup a few webapps like mantis which can see if a user is logged on with mod_auth_kerb if so then the username is set in apache, then zimbra could look if the username is set and consider the authentication succesfull if the user also exists in the zimbra ldap server.

    I don't think that should be hard to implement but i don't have the time right now to look at it.


    Do you folks know if that should be possible?

    could it be a feature request?

    With kind regards

    William van de Velde

  5. #5
    Join Date
    Mar 2008
    Posts
    4
    Rep Power
    7

    Default

    bump !

    Does someone has an idea about the above?

    With kind regards

    William van de Velde

Similar Threads

  1. Single Sign On
    By Dirk in forum Administrators
    Replies: 19
    Last Post: 03-12-2010, 05:10 AM
  2. Replies: 4
    Last Post: 09-05-2007, 02:33 PM
  3. Single Sign On with CAS from Yale
    By croffler in forum Installation
    Replies: 3
    Last Post: 08-14-2007, 12:59 PM
  4. Single Sign On (SSO) and Passwords
    By phingers in forum Developers
    Replies: 0
    Last Post: 01-30-2007, 08:32 AM
  5. Single quotes and properties files
    By Kafka in forum I18N/L10N - Translations
    Replies: 3
    Last Post: 05-20-2006, 12:04 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •