Solved

Intranet and Kerberos Authentication (not sharepoint!)

Posted on 2016-09-25
8
93 Views
Last Modified: 2016-10-06
Hi all.
Im looking for an Intranet solution for a large corporate, 5000 users.
This consists of a general landing page, which the end user then navigates to their Depts pages which needs to be secured by Active Directory Security Groups.

Currently we use Drupal as our Intranet, however the Windows AD integration is not good enough for us.
At the moment, it seems that Drupal will only do LDAP authentication, so the end user needs to enter their username and password to access their Depts secure area, as below.

Drupal User Login
We dont want the end user to be entering their username and password again, as this is a large support burden as people get it wrong.

We would prefer a Single Sign On experience with the logged in Windows User seamlessly passing the user token to the Intranet site, allowing access to the secured Dept areas for those authorised, being a member of a Windows AD Security Group (and no access for those not!) without needing to enter credentials again.

I know Sharepoint can do this, but Im wanting to know is there is any other product out there that will allow this seamless authentication of Windows Credentials.

Im looking at Typo3, but havent built it yet.

Anyone else got suggestions or knows how to get kerberos working in Drupal?
0
Comment
Question by:HBS-Mach
  • 4
  • 3
8 Comments
 
LVL 14

Accepted Solution

by:
SneekCo earned 500 total points
ID: 41815383
You won't get SSO from AD and Typo3 either. SharePoint is the way to go. Not only is it a good enterprise solution for you intranet, it will help with your login requirements.

Hope that helps...
0
 
LVL 36

Expert Comment

by:Geert Gruwez
ID: 41815528
drupal needs some addons to allow single sign on

there is a list of those modules on the drupal community forum:
https://www.drupal.org/node/2402397
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41816901
I dont know alot about Drupal, as Im looking at the issues we have with the existing installation made by others.

@Geert

I had a look at th SSO in drupal link you sent.
I couldnt see where the Active Directory Single Sign On is likely to be.

SimpleSAML PHP Auth  mentions RADIUS.

Would Drupal authenticate with the RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
Users NOT needing to enter username and password ever. Drupal gets it from the active windows logged in account.

@SneekCo
Yes, Sharepoint would solve the issue of Authentication, Im just seeing what else can do the SSO im looking for that isnt Sharepoint.
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41827469
Would Drupal authenticate with an internal RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832663
Im thinking from the responses here that the only Intranet Solution that will allow seamless SSO integration with Active Directory will be Sharepoint.

Drupal doesnt do it.
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41832666
SharePoint does SSO, that is correct.

Good luck...
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832813
Sharepoint only, in the all the Intranet options in the world.
Im surprised!

Thanks for your help everyone.
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41832954
Thank!
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now