Its not hard and it’s perfectly practical. We have a few hundred dual boot desktop machines that use AD auth as well as a number of servers which use AD auth to enable windows clients to use their samba shares without explicit auth by the users. There was another article on SF about what you … Read more
This has been included in the stable release of Chrome 5.x as of May 2010. It works similar to Internet Explorer in that “Intranet” URLs (without dots in the address) will attempt single sign-on if requested by the server. To enable passthrough for other domains, you need to run Chrome with an extra command line … Read more
First of all – and in case other users happen to visit this page – there are only certain authentication methods that allow you to do promptless SSO. These are NTLM and Kerberos. LDAP – on the other hand – will never give you promptless SSO. NTLM is actually NTLMv1 and NTLMv2. These are very … Read more
This is a chronic problem with large Identity Management systems attempting to glue together heterogeneous systems. Invariably, you’ll be limited to the lowest common denominator, which all too often is an 8-character ASCII-alpha-numeric limit thanks to some (probably legacy) Unix-like system somewhere in the bowels of the datacenter. Those fancy modern systems can take arbitrary … Read more