?
Solved

Intranet and Kerberos Authentication (not sharepoint!)

Posted on 2016-09-25
8
Medium Priority
?
206 Views
Last Modified: 2016-10-06
Hi all.
Im looking for an Intranet solution for a large corporate, 5000 users.
This consists of a general landing page, which the end user then navigates to their Depts pages which needs to be secured by Active Directory Security Groups.

Currently we use Drupal as our Intranet, however the Windows AD integration is not good enough for us.
At the moment, it seems that Drupal will only do LDAP authentication, so the end user needs to enter their username and password to access their Depts secure area, as below.

Drupal User Login
We dont want the end user to be entering their username and password again, as this is a large support burden as people get it wrong.

We would prefer a Single Sign On experience with the logged in Windows User seamlessly passing the user token to the Intranet site, allowing access to the secured Dept areas for those authorised, being a member of a Windows AD Security Group (and no access for those not!) without needing to enter credentials again.

I know Sharepoint can do this, but Im wanting to know is there is any other product out there that will allow this seamless authentication of Windows Credentials.

Im looking at Typo3, but havent built it yet.

Anyone else got suggestions or knows how to get kerberos working in Drupal?
0
Comment
Question by:HBS-Mach
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 19

Accepted Solution

by:
Walter Curtis earned 2000 total points
ID: 41815383
You won't get SSO from AD and Typo3 either. SharePoint is the way to go. Not only is it a good enterprise solution for you intranet, it will help with your login requirements.

Hope that helps...
0
 
LVL 38

Expert Comment

by:Geert Gruwez
ID: 41815528
drupal needs some addons to allow single sign on

there is a list of those modules on the drupal community forum:
https://www.drupal.org/node/2402397
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41816901
I dont know alot about Drupal, as Im looking at the issues we have with the existing installation made by others.

@Geert

I had a look at th SSO in drupal link you sent.
I couldnt see where the Active Directory Single Sign On is likely to be.

SimpleSAML PHP Auth  mentions RADIUS.

Would Drupal authenticate with the RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
Users NOT needing to enter username and password ever. Drupal gets it from the active windows logged in account.

@SneekCo
Yes, Sharepoint would solve the issue of Authentication, Im just seeing what else can do the SSO im looking for that isnt Sharepoint.
0
Create CentOS 7 Newton Packstack Running Keystone

A bug was filed against RDO for the installation of Keystone v3. This guide is designed to walk you through the configuration for using Keystone v3 with Packstack. You will accomplish this using various repos and the Answers file.

 
LVL 1

Author Comment

by:HBS-Mach
ID: 41827469
Would Drupal authenticate with an internal RADIUS server that will then talk to Active Directory, giving the seamless authentication that im looking for?
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832663
Im thinking from the responses here that the only Intranet Solution that will allow seamless SSO integration with Active Directory will be Sharepoint.

Drupal doesnt do it.
0
 
LVL 19

Expert Comment

by:Walter Curtis
ID: 41832666
SharePoint does SSO, that is correct.

Good luck...
0
 
LVL 1

Author Comment

by:HBS-Mach
ID: 41832813
Sharepoint only, in the all the Intranet options in the world.
Im surprised!

Thanks for your help everyone.
0
 
LVL 19

Expert Comment

by:Walter Curtis
ID: 41832954
Thank!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question