Need Help with Cisco ACS
Last Post: April 21, 2010:
-
I have a question about ACS and I am hoping someone here could help me with it. I have a client that has an existing Novell network and they are adding new facilities that will be using Microsoft Active Directory. My question is can they use a single ACS to authenticate into Novell eDirectory and Microsoft Active Directory?
-
LDAP is a beautiful thing.
-
You will be able to use one ACS for both. There is an external DB search order if you want to take a lazy approach, but beware of this (more on that in a second). The other method is to do a domain / realm identifier as a prefix or suffix to the username, i.e. username@domain or domain\username.
The problem with simply using an external DB search order is if a user is logging in with "johndoe" and there is a "johndoe" in both DBs, but with different passwords, one of the "johndoe" users will fail every time they try to log in unless a realm identifier is supplied.
For Novell, you're pretty much stuck using LDAP with ACS (as far as I know), but I'll be honest, I've tried to forget everything I've ever known about Novell.
I commonly use a single ACS instance with multiple user databases by employing a realm identifier and it works great.
Hope that helps!
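-
The collision described in the reply above, as an added example that is not part of the original thread and is not Cisco ACS code: a toy model of search-order lookup versus realm-identifier routing. The directory names, users, passwords and the rule that the search stops at the first directory containing the username are all assumptions made for illustration.

```python
# Constructed sample data: two directories that both contain "johndoe".
DIRECTORIES = {
    "edir": {"johndoe": "novell-pw", "asmith": "pw1"},  # stands in for Novell eDirectory
    "ad": {"johndoe": "ad-pw", "bjones": "pw2"},        # stands in for Active Directory
}
SEARCH_ORDER = ["edir", "ad"]  # hypothetical external DB search order


def split_realm(login):
    """Return (realm, user); realm is None when no identifier is supplied."""
    if "\\" in login:                       # prefix form: domain\username
        realm, user = login.split("\\", 1)
    elif "@" in login:                      # suffix form: username@domain
        user, realm = login.rsplit("@", 1)
    else:
        return None, login
    return realm.lower(), user


def authenticate(login, password):
    """Return the name of the directory that accepted the login, or None."""
    realm, user = split_realm(login)
    if realm is not None:
        # Realm supplied: consult exactly one directory, never fall through.
        db = DIRECTORIES.get(realm)
        return realm if db is not None and db.get(user) == password else None
    # No realm (assumed behaviour): walk the search order and stop at the
    # first directory that knows the username, even if the password is wrong.
    for name in SEARCH_ORDER:
        db = DIRECTORIES[name]
        if user in db:
            return name if db[user] == password else None
    return None


if __name__ == "__main__":
    for login, pw in [("johndoe", "novell-pw"), ("johndoe", "ad-pw"),
                      ("johndoe@ad", "ad-pw"), ("AD\\johndoe", "ad-pw")]:
        print(f"{login!r:16} -> {authenticate(login, pw)}")
```

In this model the bare "johndoe" with the second directory's password is always rejected, while the same credentials succeed once a realm is supplied, and an unknown realm is rejected rather than falling back to the search order.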
-
Agree - Every time I worked with Novell - I was removing it and finding a dumpster in the 21st century.