cancel
Showing results for 
Search instead for 
Did you mean: 

Correct way to try authenticate users against different authentication stores? (User.Database and NTLM.Agent)

Hi

Could someone describe how to nest authentication to query both the local proxy user.db (service accounts) and a external source (ad users) avoiding double authentication.

I have it working but unsure if the most efficient / correct method;

On rule set.

Authentication.IsAuthenticatedequalsfalse
a
Authentication.IsAuthenticatedequalsfalse
bANDAuthentication.Authenticate<user.database>equalsfalse
cANDAuthentication.Authenticate<NTLM-Agent>equalsfalse





Criteria cobination a AND b AND c

Performace is important.

Eric

Message was edited by: ericappelboom on 5/19/11 4:57:19 AM CDT
0 Kudos
1 Reply
McAfee Employee

Re: Correct way to try authenticate users against different authentication stores? (User.Database and NTLM.Agent)

Hi Eric,

Are you attempting to authenticate a user against two directories? The example seems to be doing so.

If you would like to failover per say (AD then User database). See the below screenshot:

try-ad_then-userDB.png

This will check AD first, then check the User Database if the user has not properly authenticated with the first directory.

I should have cleaned up the names in the screenshot but you get the idea.

~Jon

0 Kudos