| *** nowen (~nowen@50-194-249-125-static.hfc.comcastbusiness.net) has joined #wikid | 13:14 | |
| estranger | POC is going well, everything works (Watchguard SSL VPN + AD/NPS + WiKID). I just want to put a signed cert in for the https site for the ADRegister. Easy to swap out in a keystore? or easier to slap a proxy in front? | 14:27 |
|---|---|---|
| nowen | the keystore is /opt/WiKID/conf/tomcatKeystore | 14:29 |
| nowen | but a proxy would work too | 14:30 |
| estranger | is that just for the https? I didnt want to just start messing w/ that file | 14:30 |
| nowen | it is just for the https of tomcat | 14:30 |
| estranger | perfect | 14:30 |
| nowen | not related to the intermediate or localhost cert | 14:31 |
| estranger | ok, yeah, that was my only concern. thanks | 14:31 |
| nowen | and just so you know, those are also separate from the domain/token keys | 14:33 |
| estranger | yeah the last thing I wanted to do was start messing with the internal trust stuff going on in the background.. thats why I was considering the proxy :) | 14:35 |
| estranger | the other question I had, licensing.. each seat is a device? so if one user has a iphone and the local java app registered, that is two seats. | 14:47 |
| nowen | each unique username in a domain is a seat, so 2 tokens, 1 username = 1 seat | 14:48 |
| nowen | question: if we added the ability to reset an AD password via a token, would it be of interest? | 14:48 |
| estranger | Excellent on the licensing! And yeah, I would be interested in that I'd say | 14:51 |
| nowen | current thinking is that it would set the OTP as the password and flag it to be reset | 14:52 |
| estranger | wonder if it can solve an issue we have, users don't change their password and end up being locked out via expired password, then have to call us | 14:54 |
| nowen | that's what were trying to fix | 14:55 |
| estranger | huge interest then :) | 14:56 |
| nowen | those calls are quite expensive and as you know, annoying ;-) | 14:56 |
| estranger | exactly :) | 14:57 |
| *** Mike (1827fd3e@gateway/web/freenode/ip.24.39.253.62) has joined #wikid | 16:16 | |
| *** Mike is now known as Guest71991 | 16:17 | |
| Guest71991 | guess i get a new nickname, oh well | 16:17 |
| Guest71991 | quick question if anyone has a minute | 16:17 |
| Guest71991 | before I start installing wikid on my server for testing are there any particular ports I would need open to connect to a seperate network for wikid to work | 16:18 |
| Guest71991 | my current server that I'm thinking of installing wikid on will be on one internal lan and the pc we want to secure will be on another internal lan | 16:19 |
| *** Guest71991 has quit (Quit: Page closed) | 16:35 | |
| nowen | oops, stepped away for a bit | 16:38 |
| nowen | people need a bit more patience on irc ;-) | 16:38 |
| *** WiKIDLogBot (~WiKIDLogB@ec2-174-129-6-100.compute-1.amazonaws.com) has joined #wikid | 18:20 | |
| card.freenode.net | Topic for #wikid is: The topic for #wikid is: wikid WiKID's IRC support channel. Logs are here: http://www.wikidsystems.com/webdemo/irclogs/index.html. If no one is here use the forums: http://www.wikidsystems.com/support/support/wikid-forums. | 18:20 |
| card.freenode.net | Users on #wikid: WiKIDLogBot coolacid @nowen estranger qu3sti0n Teck7 joevano | 18:20 |
| *** merlin_ (1827fd3e@gateway/web/freenode/ip.24.39.253.62) has joined #wikid | 18:30 | |
| merlin_ | hey all | 18:30 |
| nowen | hi merlin_ | 18:30 |
| merlin_ | Hi nowen, I'm having an issue, I think with an existing apache website on my server that I'm trying to install wikid on | 18:31 |
| merlin_ | is there a way to change what ports wikid listens for? | 18:31 |
| nowen | yeah, that will be harder | 18:31 |
| nowen | you really need apache on the same server? | 18:31 |
| merlin_ | its on the same server, but I'm using scrollout f1 for spam and I can't seem to get to WikidAdmin | 18:32 |
| merlin_ | the scrollout f1 login always comes up instead | 18:32 |
| nowen | not sure what that is | 18:32 |
| merlin_ | no problem, I'll try removing wikid and install on a different machine | 18:32 |
| nowen | that's best b/c a flaw in your web app could give an attacker control of your auth server | 18:33 |
| nowen | separation of duties, FTW | 18:33 |
| merlin_ | true | 18:33 |
| merlin_ | X235bZ4aCL | 18:33 |
| nowen | oops ;-) | 18:33 |
| merlin_ | oops | 18:33 |
| nowen | been there, done that | 18:34 |
| merlin_ | now only need to search a billion places to see what that goes to | 18:34 |
| merlin_ | thanks for your help, I'll be off to build a test machine for just wikid now | 18:35 |
| nowen | ok. | 18:35 |
| merlin_ | oh, and change a password | 18:35 |
| nowen | I'll be around until about 4ish today. leaving early | 18:36 |
| *** merlin_ has quit (Quit: Page closed) | 18:36 | |
| *** WiKIDLogBot (~WiKIDLogB@ec2-174-129-6-100.compute-1.amazonaws.com) has joined #wikid | 18:53 | |
| card.freenode.net | Topic for #wikid is: The topic for #wikid is: wikid WiKID's IRC support channel. Logs are here: http://www.wikidsystems.com/webdemo/irclogs/index.html. If no one is here use the forums: http://www.wikidsystems.com/support/support/wikid-forums. | 18:53 |
| card.freenode.net | Users on #wikid: WiKIDLogBot coolacid @nowen estranger qu3sti0n Teck7 joevano | 18:53 |
| *** nowen has quit (Quit: Leaving.) | 20:33 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!