| *** coolacid has quit (Read error: Connection reset by peer) | 02:06 | |
| *** coolacid (~CoolAcid@unaffiliated/coolacid) has joined #wikid | 02:07 | |
| *** nowen (~nowen@99-174-92-191.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 12:57 | |
| *** bgeorge (41739342@gateway/web/freenode/ip.65.115.147.66) has joined #wikid | 13:44 | |
| bgeorge | Good morning. | 13:44 |
|---|---|---|
| nowen | morning | 13:45 |
| bgeorge | I have a bit of an problem. I updated to the newest release yesterday, and now my ADRegister.jsp isnt working. getting wClient connection errors | 13:46 |
| nowen | you may need to re-edit it if it was over-written | 13:46 |
| bgeorge | I made a backup, and I tried starting from scratch, no luck | 13:47 |
| nowen | ahh - what version were you on before? You may need to create new certs | 13:48 |
| nowen | 3.5.0-b1428 had a new CA Cert. the old one had expired | 13:49 |
| bgeorge | Yeah, I went through that process | 13:49 |
| nowen | hmm | 13:50 |
| bgeorge | The LDAP wauth_server code is all zeros in the GUI | 13:50 |
| bgeorge | is that normal? | 13:50 |
| nowen | you don't need the ldap protocol to be enabled to user ADRegister | 13:51 |
| nowen | can you run keytool on the localhost cert? http://www.wikidsystems.com/support/wikid-support-center/troubleshooting-faq/how-do-i-know-if-my-certificate-is-valid | 13:52 |
| bgeorge | the second one is expired | 13:54 |
| nowen | localhost? you can just create another one | 13:54 |
| bgeorge | Whelp, that worked. | 13:56 |
| nowen | good to hear, sorry for the confusion | 13:57 |
| bgeorge | All good, thanks for the help | 13:57 |
| *** bgeorge has quit (Quit: Page closed) | 13:58 | |
| *** Qasker- is now known as Qasker | 19:20 | |
| *** tschenk (40813d32@gateway/web/freenode/ip.64.129.61.50) has joined #wikid | 19:55 | |
| tschenk | I have a question about Wikid and Active directory authentication | 19:55 |
| tschenk | I want to know if it is required to setup a RADIUS server in order to use AD as the authentication source or if you can just point to the AD host as a LDAP server | 19:56 |
| nowen | hold on - on the phone ... | 19:57 |
| tschenk | thanks | 19:57 |
| *** bang (40813d32@gateway/web/freenode/ip.64.129.61.50) has joined #wikid | 19:58 | |
| *** bang is now known as Guest87217 | 19:58 | |
| nowen | tschenk: ldap won't proxy, only radius will. | 20:03 |
| nowen | It's not a wikid thing, it's an AD/LDAP thing | 20:05 |
| tschenk | proxy? | 20:06 |
| nowen | the radius plugin nps will do authorization in AD using the username. then proxy the creds to wikid | 20:06 |
| tschenk | so basically, the answer is yes, we have to have a radius server | 20:07 |
| nowen | yes, but NPS is free | 20:08 |
| tschenk | cost in this case is immaterial...I just didn't want to have to set up RADIUS if we didn't have to | 20:08 |
| nowen | well, you can have everything talk to wikid directly, without AD integration | 20:09 |
| tschenk | well, here is what I'm trying to accomplish | 20:10 |
| tschenk | We have an ASA VPN box | 20:10 |
| tschenk | we need two factor authentication ONLY for that | 20:10 |
| tschenk | it can talk directly to AD without RADIUS | 20:10 |
| nowen | Can the ASA do authorization to AD and then proxy the request to WiKID for authentication? | 20:12 |
| tschenk | I'm not sure | 20:12 |
| nowen | it might be able to do, but i'm guessing that it would want the AD password and OTP, plus username | 20:12 |
| tschenk | thanks for your help....I'll continue to research this | 20:13 |
| *** tschenk has quit (Quit: Page closed) | 20:14 | |
| *** Guest87217 has quit (Quit: Page closed) | 20:29 | |
| *** nowen has quit (Quit: Leaving.) | 21:30 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!