Highlighted
Absent Member.
Absent Member.
965 views

Changing to LDAP auth in POA: roll back possible?

Hello there!

I am thinking about to change to high security auth in POA because users have some trouble dealing with two passwords and I cannot apply security standards to password strength. My question is: if something went wrong, could I get back to groupwise embed auth again with all the previous passwords? How the remote mode mailboxes would behave? Because password is somehow embed inside.

Thank you.
Labels (2)
0 Likes
7 Replies
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

randolf,

what could go wrong? I'd use a test PO and play with it.

The original password will still be stored in the user database, so if you go back, the old password will still be there.
As for remote mailboxes, I haven't used them in years. I find caching so much easier. I assume (didn't test) it will error out upon the first connect and then ask for the LDAP password. It will probably then ask if you want to use the online password for the remote mailbox.

I'd create a test PO and play with it.

Uwe

--
Novell Knowledge Associate
Please don't send me support related e-mail unless I ask you to do so.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

buckesfeld;2336217 wrote:
randolf,

I'd create a test PO and play with it.
what could go wrong? I'd use a test PO and play with it.

The original password will still be stored in the user database, so if you go back, the old password will still be there.
As for remote mailboxes, I haven't used them in years. I find caching so much easier. I assume (didn't test) it will error out upon the first connect and then ask for the LDAP password. It will probably then ask if you want to use the online password for the remote mailbox.
.




I even didn't think about it. You are right. Btw, I thought that remote and catching were pretty similar. Indeed, I as Linux user, I am using groupwise in catching mode because remote is not offered.

Thank you.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

Confirmed. I does store passwords and if you want to switch back it keeps the previous one. Now I have to find out what happens with webaccess and gms service once you change to ldap and that unfortunately is not as easy as create other post office.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

randolf carter wrote on 10/15/2014 01:06 PM:
> Now I have to find out what happens with
> webaccess and gms service once you change to ldap and that unfortunately
> is not as easy as create other post office.


Think of Webaccess as just another client. I uses the same data as the Win32 client, just paints colorful HTML pictures to display it.
GMS as in Mobility? The stored password in the ActiveSync account will fail and users have to enter their directory password instead.

Uwe

--
Novell Knowledge Associate
Please don't send me support related e-mail unless I ask you to do so.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

buckesfeld;2336579 wrote:
randolf carter wrote on 10/15/2014 01:06 PM:
> Now I have to find out what happens with
> webaccess and gms service once you change to ldap and that unfortunately
> is not as easy as create other post office.


Think of Webaccess as just another client. I uses the same data as the Win32 client, just paints colorful HTML pictures to display it.
GMS as in Mobility? The stored password in the ActiveSync account will fail and users have to enter their directory password instead.



Yes, I could add a secondary post office to webaccess and It did work without no further config. Now I am trying that groupwise ask for other field rather than displayName I would like it to ask for samAccount because is shorter.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

It was as easy as copy full distinguishedName string in LDAP field in user account. Now it is working.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Changing to LDAP auth in POA: roll back possible?

randolf carter wrote on 10/16/2014 12:06 PM:
> It was as easy as copy full distinguishedName string in LDAP field in
> user account. Now it is working.


Glad you got it working.

Uwe

--
Novell Knowledge Associate
Please don't send me support related e-mail unless I ask you to do so.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.