Solved

Intranet and Kerberos Authentication (not sharepoint!)

Posted on 2016-09-25
8
190 Views
Last Modified: 2016-10-06
Hi all.
Im looking for an Intranet solution for a large corporate, 5000 users.
This consists of a general landing page, which the end user then navigates to their Depts pages which needs to be secured by Active Directory Security Groups.

Currently we use Drupal as our Intranet, however the Windows AD integration is not good enough for us.
At the moment, it seems that Drupal will only do LDAP authentication, so the end user needs to enter their username and password to access their Depts secure area, as below.

Drupal User Login
We dont want the end user to be entering their username and password again, as this is a large support burden as people get it wrong.

We would prefer a Single Sign On experience with the logged in Windows User seamlessly passing the user token to the Intranet site, allowing access to the secured Dept areas for those authorised, being a member of a Windows AD Security Group (and no access for those not!) without needing to enter credentials again.

I know Sharepoint can do this, but Im wanting to know is there is any other product out there that will allow this seamless authentication of Windows Credentials.

Im looking at Typo3, but havent built it yet.

Anyone else got suggestions or knows how to get kerberos working in Drupal?
0
Comment
Question by:HBS-Mach
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 18

Accepted Solution

by:
Walter Curtis earned 500 total points
ID: 41815383
You won't get SSO from AD and Typo3 either. SharePoint is the way to go. Not only is it a good enterprise solution for you intranet, it will help with your login requirements.

Hope that helps...
0
 
LVL 37

Expert Comment

by:Geert Gruwez
ID: 41815528
drupal needs some addons to allow single sign on

there is a list of those modules on the drupal community forum:
https://www.drupal.org/node/2402397
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41816901
I dont know alot about Drupal, as Im looking at the issues we have with the existing installation made by others.

@Geert

I had a look at th SSO in drupal link you sent.
I couldnt see where the Active Directory Single Sign On is likely to be.

SimpleSAML PHP Auth  mentions RADIUS.

Would Drupal authenticate with the RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
Users NOT needing to enter username and password ever. Drupal gets it from the active windows logged in account.

@SneekCo
Yes, Sharepoint would solve the issue of Authentication, Im just seeing what else can do the SSO im looking for that isnt Sharepoint.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Author Comment

by:HBS-Mach
ID: 41827469
Would Drupal authenticate with an internal RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832663
Im thinking from the responses here that the only Intranet Solution that will allow seamless SSO integration with Active Directory will be Sharepoint.

Drupal doesnt do it.
0
 
LVL 18

Expert Comment

by:Walter Curtis
ID: 41832666
SharePoint does SSO, that is correct.

Good luck...
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832813
Sharepoint only, in the all the Intranet options in the world.
Im surprised!

Thanks for your help everyone.
0
 
LVL 18

Expert Comment

by:Walter Curtis
ID: 41832954
Thank!
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
What You Need to Know when Searching for a Webhost Provider
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question