<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2912" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=843151618-12082006><FONT face=Arial size=2>I'm wondering if I'm
trying to do things which are impossible:</FONT></SPAN></DIV>
<DIV><SPAN class=843151618-12082006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=843151618-12082006><FONT face=Arial size=2>* I have a few
hundred users all with internal RT accounts which I want to move to
authenticating from AD (they all have AD account). If I put the LDAP user
overlay in place, It grabs the info from AD into the RT user fields but will not
let the user log on with the AD password, only the internal RT
one.</FONT></SPAN></DIV>
<DIV><SPAN class=843151618-12082006><FONT face=Arial size=2>* What about true
Single-Sign on? That it, it automatically logs you into RT if you are already
logged into the AD domain? Would this need to be done with the Apache mod_ldap
extension?</FONT></SPAN></DIV>
<DIV><SPAN class=843151618-12082006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=843151618-12082006><FONT face=Arial
size=2>PK</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV align=left><FONT face=Arial size=2>--</FONT></DIV>
<DIV align=left><FONT face=Arial size=2>Philip Kime</FONT></DIV>
<DIV align=left><FONT face=Arial size=2>NOPS Systems Architect</FONT></DIV>
<DIV align=left><FONT face=Arial size=2>310 401 0407</FONT></DIV>
<DIV> </DIV></BODY></HTML>