MiCollab IDS Authentication

[martyn]

Has anyone had any success in configuring authentication when using IDS on MiCollab?

It seems that the documentation is incomplete, and doesn't explain what is required from the LDAP/AD side of things in order for SSL or TLS authentication to work. You cannot leave it unsecured when authentication is enabled.

[pkriek]

Hi

same question here. We have always created accounts on the vMCD., then synced to the MAS. This is still the way of working.
We want to enable IDS on the MAS server for authentication only.

second step could be provisioning from MAS / AD to the vMCD.

has somebody already implemented this?

thanks

Patrick

[johnp]

New version, IDS to MiCollab and flow through would be what I'd do. You need to have the certificate part working on AD to get the password part working.

[martyn]

Just to follow up on this. You need to have an SSL certificate on the LDAP server you are binding against in order for the SSL/TLS to work. This obviously requires certificate services, IIS, etc to be configured on the domain, so if that isn't there needs to be added.

Only other thing to note, that even with authentication enabled, this still doesn't actually do the authentication for UM Advanced. The user still needs to put their username and password (every time that they are forced to change it) in to the MAS portal in order for Advanced UM to work.     

[bluewhite4]

Just to follow up on this. You need to have an SSL certificate on the LDAP server you are binding against in order for the SSL/TLS to work. This obviously requires certificate services, IIS, etc to be configured on the domain, so if that isn't there needs to be added.

This depends on your domain setup and what version of Windows your domain controller is. For 2008R2 and below, it doesn't have to communicate over SSL/TLS thus no certificate is needed. That is required now for 2012.

Only other thing to note, that even with authentication enabled, this still doesn't actually do the authentication for UM Advanced. The user still needs to put their username and password (every time that they are forced to change it) in to the MAS portal in order for Advanced UM to work.     

Can't you use the SuperUser account so then the end-user passwords don't have to be maintained?

[martyn]

Can't you use the SuperUser account so then the end-user passwords don't have to be maintained?
[/quote]
Not that I know of, but happy to find out otherwise!

[bluewhite4]

Can't you use the SuperUser account so then the end-user passwords don't have to be maintained?

Not that I know of, but happy to find out otherwise!
[/quote]
I guess I made the assumption that you were using Exchange 2010/2013.


Sent from my iPhone using Tapatalk

[martyn]

Can't you use the SuperUser account so then the end-user passwords don't have to be maintained?

Not that I know of, but happy to find out otherwise!

I guess I made the assumption that you were using Exchange 2010/2013.


Sent from my iPhone using Tapatalk
[/quote]
Ahh ok, no sorry, Office 365 in this case.