+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 35
MIS Systems Thread, SIMS AD intergration - Put a password in a second time? in Technical; Same Sign On, yes @ vikpaw thats exactly it. @ matt40k I'll tell them! The bigger point is not so ...
  1. #16

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,039
    Thank Post
    374
    Thanked 369 Times in 301 Posts
    Blog Entries
    8
    Rep Power
    176
    Same Sign On, yes @vikpaw thats exactly it.
    @matt40k I'll tell them! The bigger point is not so much the technology, but it being used to secure as best as possible the general joe bloggs who is inherently insecure with their management of data, passwords and leaving their laptop logged in on the bus to be lost! If you are in on one system on the traditional SSO, you have access to EVERYTHING... as opposed to have just one system that has been compromised...

  2. #17

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,968
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    EVERYTHING is true, but that's if your system is physically compromised, i.e. left logged in and available.
    If your password gets lost, left on paper, socially engineered, etc. then you're hosed anyway.
    This SaSO idea is growing on me. At least it's less to remember.
    Can't wait for Google's MIS to hit the streets.

  3. Thanks to vikpaw from:

    GREED (5th September 2012)

  4. #18

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,039
    Thank Post
    374
    Thanked 369 Times in 301 Posts
    Blog Entries
    8
    Rep Power
    176
    Right, remember that SaSO was my term for the record... when it becomes the new buzz word...

  5. #19
    paul's Avatar
    Join Date
    Jun 2005
    Location
    Preston
    Posts
    170
    Thank Post
    2
    Thanked 12 Times in 8 Posts
    Rep Power
    21
    Editing the connect.ini file to the following will require user to enter AD password again

    [SIMSConnection]
    ServerName=[servername]\[DB Instance]
    DatabaseName=SIMS
    Commandtimeout=100000
    ConnectionType=Trusted

  6. 2 Thanks to paul:

    FN-GM (6th September 2012), zag (11th September 2012)

  7. #20

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,945
    Thank Post
    886
    Thanked 1,696 Times in 1,474 Posts
    Blog Entries
    12
    Rep Power
    447
    Quote Originally Posted by paul View Post
    Editing the connect.ini file to the following will require user to enter AD password again

    [SIMSConnection]
    ServerName=[servername]\[DB Instance]
    DatabaseName=SIMS
    Commandtimeout=100000
    ConnectionType=Trusted
    Thanks, this is what i want

  8. #21

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,407
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    ...Or click on the "Current Windows User", then ok...

  9. #22

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,945
    Thank Post
    886
    Thanked 1,696 Times in 1,474 Posts
    Blog Entries
    12
    Rep Power
    447
    Quote Originally Posted by matt40k View Post
    ...Or click on the "Current Windows User", then ok...
    But thats not what we want. Thanks

  10. #23

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,968
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    Quote Originally Posted by matt40k View Post
    ...Or click on the "Current Windows User", then ok...
    That's all it does. So no go.

  11. #24

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,968
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    Quote Originally Posted by GREED View Post
    Right, remember that SaSO was my term for the record... when it becomes the new buzz word...
    Your concept, I coined the term!
    You have my Say-So to make it buzz

  12. Thanks to vikpaw from:

    GREED (11th September 2012)

  13. #25

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,678
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    We decided to use AD inegration. Our discussion was that there is enough confidential info on the network anyway if a pupil gets a staff members password the damage is already done as the staff were prety much using the same passwords for both.

    What we have done is made SIMS easier to use and tried to remove technological restrictions staff were hiding behind to avoid using it. I don't disagree with the arguments against it, they are valid. We just took a different approach. There has to come a point when responsibility lies with the end user, the more tech barriers we stick up to be secure the more barriers there are to people using it. It's a fine line, I know.

  14. Thanks to Stuart_C from:

    matt40k (6th September 2012)

  15. #26

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,678
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    45
    I realise the last post was OT ish. No I don't know how to do what @FN-GM wants. I don't think you can as far as I am aware.

  16. #27

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,407
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Spot on Stuart!! Teachers are professionals and should be treated as such, they are capable of locking their laptop and you shouldn't create unnecessary barriers because a few are, in your opinion, an idiot. Even if you are right lol

  17. #28

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,039
    Thank Post
    374
    Thanked 369 Times in 301 Posts
    Blog Entries
    8
    Rep Power
    176
    While all arguments are true, the unfortunate reality is when security is breeched, everyone is quick to point the finger, usually in the direction of IT, the software, in fact anyone but themselves or staff who choose not to follow basic rules and lock the computer!

    I cannot say I agree with the 'there is enough confidential info already on the system'... surely that should be highlighting ANOTHER issue, not as a reason 'not to bother any further'? I'm not disagreeing with your decision that is fine... just worried by the reasoning!

  18. #29

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,407
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Graham, by your logic, you would need to close your browser when leaving your machine unattended and have it set to purge the cache each time you close it. Unfortantely, it doesn't happen.

    Admittly your Team HTML5 and @PhilNeal is in Team App and your trying to sell the extra login as a security feature. Just incase anyone hasn't noticed

  19. #30

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,039
    Thank Post
    374
    Thanked 369 Times in 301 Posts
    Blog Entries
    8
    Rep Power
    176
    Not quite. I am suggesting that PCs are still locked. This is the most secure method for securing a workstation, not just for the benefit of the MIS but all information. Although loggin out and/or closing browser (closing the session is Aspen logs you out) is not a bad point -would you leave you online bank page open on a public library PC (anyone who responds with 'I wouldn't use a public PC for banking'... feel my wrath!)?

    My suggestion here though is using this concept of 'auto-logging in' to save time on passwords is flawed. It is as bad as having your password on a sticky note on your monitor. It takes one time forgetting to lock the PC (we all do it), and the little buggers will have access not just to what is open, but everything else too. What about leaving the laptop on a bus? Now with SSO (the traditional thought of SSO), finder now can get at all your linked accounts. Left laptop on bus with just windows logged in, and they can auto login to SIMS (Well, in theory, if SIMS were web based ) With SaSO (remember, Same Sign On... my term, trademarked!) they would need to know your password, so there is that additional layer of security protecting systems. And what is the downside: Wow, I have to put my SAME username and password in again, something most do a couple of times a day for years.

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. [SIMS] SIMS AD intergration
    By j17sparky in forum MIS Systems
    Replies: 6
    Last Post: 31st August 2012, 01:14 PM
  2. [SIMS] SIMS.net Invalid/user name password?
    By oxide54 in forum MIS Systems
    Replies: 6
    Last Post: 21st December 2010, 07:59 PM
  3. reset "SA" password in sims?
    By zag in forum MIS Systems
    Replies: 5
    Last Post: 14th February 2010, 07:57 PM
  4. SIMS : Adding new course in course manager.
    By Jake in forum MIS Systems
    Replies: 3
    Last Post: 29th September 2008, 02:31 PM
  5. View user password in AD
    By timbo343 in forum Windows
    Replies: 10
    Last Post: 20th March 2007, 05:04 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •