on 03-13-2006 4:28 PM
Here's my problem. I have 20 or so developers using the NDI. Each one of them has a local J2EE WAS for development as expected. They setup the SLD data supplier with their NT logon and password. The SLD uses active directory for authentication.
So far so good, everything works fine, until they are required to change their NT password. This happends every 60 days. Long enough for them to forget that they need to also change the SLD supplier password in Visual Administrator.
This means that every 60 days every developer comes to me asking why things aren't working anymore. I remind them to change the password in VA (many times this requires me to show them how again), and unlock their account.
Aside from making a service account that does not require a password change (this is a violation of our security policy), does anyone have any ideas how to solve this?
I was thinking SSO might be a solution, but I'm not sure if that is possible or even a good idea.
That's not a bad idea. I guess I could create a local account on the UME for the SLD server for each developer, something like JSMITH also has JSMITH_SLD. With this account only being used for SLD access.
Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I believe the WebAS UME can use it's own repository next to the Active Directory that you are using. If the security policy is to not create a service account in the AD, but you are allowed to make your own (local) one, you can try using the local user repository of the WebAS.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.