We currently have over 150 users set up on Google Apps. I want to implement an LDAP server with Crowd so that I have a centralised platform that can be used for Google authentication (SSO) plus Crowd/LDAP authentication with other platforms.
As I understand it, once I've enabled SSO on Google Apps, all login requests will be directed to Crowd. This would seem to make it quite difficult to test SSO/Crowd without affecting all users.
Also, once I've populated the LDAP directory, I need to get the users to set their desired passwords so that when SSO *is* turned on, they know what password to use.
Has anyone gone through a similar process and got suggestions to share on how best to tackle these issues?
If a business is using Google Apps, they get their own URL which users must enter if they want the redirect to go off to Crowd. If users use the generic URL, e.g. www.gmail.com, they still get authorised by Google Accounts.
Also, it is possible to put a netmask into the SSO configuration on Google, ensuring that the redirect only happens if the user is on the correct network.
Reading this question:
it looks, from one of the answers, as if users can actually override the SSO process and continue to log in with the Google authentication?
"Please note that as long as users' passwords are synced between your LDAP system and Google, users can bypass the SSO login system by signing in directly to Google."
If that is the case, it would seem that I can:
a) populate LDAP and get staff to start setting their passwords.
b) set up SSO on Google and tell staff not to use it. I think I could even enforce that by using the Crowd settings to restrict who is allowed to log in via SSO.
For JSM June Challenge #2, share how your non-technical teams like HR, legal, marketing, finance, and beyond started using Jira Service Management! Tell us: Did they ask to start using it or...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events