+ Post New Thread
Results 1 to 13 of 13
Educational Software Thread, Eclipse.net Active Directory (AD) and phone app in Technical; Hi all, We host our own instance of eclipse.net internally and use active directory so that users don't need their ...
  1. #1
    Jona's Avatar
    Join Date
    May 2007
    Location
    Cranleigh
    Posts
    469
    Thank Post
    14
    Thanked 50 Times in 48 Posts
    Rep Power
    23

    Eclipse.net Active Directory (AD) and phone app

    Hi all,
    We host our own instance of eclipse.net internally and use active directory so that users don't need their own login.

    We're trying to deploy a link to their iphone, etc app but according to Microlib knowledgebase the app doesn't support AD username and passwords if using the app because the password is too "encrypted". Is that true?

    I'm really struggling to get useful advice from their support department, they keep trying to up-sell us to their hosted package.

    Any help much appreciated....

    Thanks
    Jona

  2. #2
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    I was told the app only worked on their hosted version.

  3. #3

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,816
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Quote Originally Posted by enjay View Post
    I was told the app only worked on their hosted version.
    That was also my understanding when I did a move to the Cloud last year - although we still tied into using AD creds using the IE add-on.

  4. #4
    knightrider's Avatar
    Join Date
    Mar 2006
    Location
    Leeds
    Posts
    85
    Thank Post
    18
    Thanked 10 Times in 7 Posts
    Rep Power
    19
    Quote Originally Posted by enjay View Post
    I was told the app only worked on their hosted version.
    Yeah I was also told this. If you do find a work around please do share.

    Knightrider

  5. #5
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    I'm guessing the app has the MLS website coded into it, so I don't think you'll find a workaround unless you can find a way to make your Eclipse database publicly-accessible and then change the line in the app's code to reflect that address...

  6. #6
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    757
    Thank Post
    175
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    It can be done! You need to ensure your mls install has no proxy auth or anything similar set up, then mls add your site to the database for a central imls app. Ad integration is slightly tricky as they username cannot have the domain name prefix on it.

    Both myself and @john now have it working.

  7. Thanks to robk from:

    Jona (22nd January 2013)

  8. #7

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,619
    Thank Post
    1,499
    Thanked 1,053 Times in 922 Posts
    Rep Power
    304
    Indeed it can be done, Rob and I worked with MLS to get it going, however it is not officially supported by MLS when you self-host they will do what they can (which was good and full commendation to the team) but did take some poking.

    Key issues is it just will not work correctly being reverse proxied or NAT'd in some cases it gets sulky so you need a dedicated IP for it.

    No security, no SSL etc... so keep it clean and simple.

    Username needs to be as rob put clean and tidy, Internal and External host name need to match so if you call it library.school.internal V books.school.county.sch.uk externally you will need to modify IIS to make it the external name internally etc....

    So it can be done but messy and needs some fiddling of IIS and other bits.

  9. Thanks to john from:

    Jona (22nd January 2013)

  10. #8
    Jona's Avatar
    Join Date
    May 2007
    Location
    Cranleigh
    Posts
    469
    Thank Post
    14
    Thanked 50 Times in 48 Posts
    Rep Power
    23
    Thanks for the replies guys, much appreciated! You seem to have had a better experience of MLS support than I've had thus far, perhaps I just got them on a bad day......

    Domain name should be fine as we use the same domain name internally and externally with split horizon DNS, it is currently library.schoolname.com internally so with just an additional A record in the external zone that should be fine.

    You reckon it needs a full public interface and not just port forwarding of 80 and 443?

    Assume from your comments that SSL isn't going to be possible?

    Could either of you share what Authentication modes you are using in both IIS (Site -> Security) and Eclipse (Configuration -> Authentication)?

    Thanks
    Jona

  11. #9
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    757
    Thank Post
    175
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    Port forward should be fine, just no reverse proxies, tag etc.

    Iis auth is set to anon. Mls auth is auto I think.

    There is a kb article on the mls website, that details the process, but support are likely to tell you it's not possible.

  12. Thanks to robk from:

    Jona (23rd January 2013)

  13. #10
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,488
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    Quote Originally Posted by robk View Post
    There is a kb article on the mls website, that details the process, but support are likely to tell you it's not possible.
    You see, that annoys me. I can understand why they might not want to support it, but if they publish an article, they should tell customers who ask "it is fiddly, and we won't support you, but other people have found that it can be done". I would then have read the article and decided for myself whether it was worth it.

  14. #11
    Jona's Avatar
    Join Date
    May 2007
    Location
    Cranleigh
    Posts
    469
    Thank Post
    14
    Thanked 50 Times in 48 Posts
    Rep Power
    23
    For reference the KB article 2022 and accompanying PDF seem to be the best reference from MLS that this might be possible....

    The main key thing that seems to be missing from that is that the front page of your eclipse.net install needs to load the front page (and/or http://libraryserver.schooladdress.c...es/library.svc) without any authentication requirement.

    I can make that work currently the only problem then seemed to be with the combination of MLS and IIS auth settings I tested. If you logged in using the on-page form it wouldn't show you as logged in until you manually refreshed the page. The AJAX style login "ticker" just continued to spin forever.

  15. #12
    Jona's Avatar
    Join Date
    May 2007
    Location
    Cranleigh
    Posts
    469
    Thank Post
    14
    Thanked 50 Times in 48 Posts
    Rep Power
    23
    Hi all,
    So I now have the app working. However when I try and login with a AD user I get the error "The operation couldn't be completed SLDataLoaderErrorDOmain error -1000.". No part of our domain name is in the login just a simple username. If anyone has got the iMLS App authenticating against Active directory I'd be really greatful for any pointers....

  16. #13
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    757
    Thank Post
    175
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    In the eclipse management screen does the ad username have a domain prefix? If so remove it and see if that fixes it.

SHARE:
+ Post New Thread

Similar Threads

  1. Active Directory - Single and Bulk User creation and FREE!!
    By siuko in forum How do you do....it?
    Replies: 39
    Last Post: 20th June 2012, 11:29 AM
  2. [SIMS] SIMS.Net Active Directory Integration
    By robknowles in forum MIS Systems
    Replies: 29
    Last Post: 4th October 2011, 02:54 PM
  3. Active Directory Export and Import
    By stevo1565 in forum Windows Server 2000/2003
    Replies: 1
    Last Post: 19th July 2010, 09:01 PM
  4. Active Directory Backup and Restore in Windows Server 2008
    By cookie_monster in forum Windows Server 2008
    Replies: 0
    Last Post: 1st August 2009, 01:48 PM
  5. Replies: 7
    Last Post: 5th June 2006, 05:25 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •