Perl 6 - the future is here, just unevenly distributed

IRC log for #shibboleth, 2017-09-19

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:14 JuanDaugherty joined ##shibboleth
01:55 ilbot3 joined ##shibboleth
05:47 JuanDaugherty joined ##shibboleth
11:14 JuanDaugherty joined ##shibboleth
13:56 Es0teric joined ##shibboleth
17:15 bswork joined ##shibboleth
17:15 bswork anyone online today ?
17:16 pdurbin what's up bswork
17:17 bswork pdurbin: I have dabbled in Shibboleth previously setup a few basic deployments.. However, working on troubleshooting an issue now in a new environment that more complex.
17:18 pdurbin ok
17:19 bswork I see the attribute-filter.xml is passing certain attributes including memberOf. That means it is going to pass all group memberships for a user account correct?
17:20 bswork Then it is up to the SP to look for a certain group?
17:20 bswork Is that correct?
17:20 bswork If not, where does the certain group a user needs to be a member of to gain access get defined?
17:22 JuanDaugherty i think you as SP are supposed to decide
17:23 bswork OK. I'm the Idp side though sending attributes to the SP.
17:23 JuanDaugherty but unlike you haven't completed a deployment yet
17:24 JuanDaugherty so you're admining access to a service provided by others strictly rather those you're serving from your org?
17:25 JuanDaugherty maybe by deployment you meant clients
17:26 bswork Without a AD group on a user I receive login token attributes are missing
17:26 JuanDaugherty AD means MS active directory?
17:26 bswork Yes
17:26 JuanDaugherty ah
17:26 bswork when I add a particular group to the user they can login.. What I'm wondering is where the groups are defined
17:27 bswork in Shibboleth.. I think the SP side
17:28 JuanDaugherty in the AD/MS admin user interface. I haven't used it in many years so can't point you to it, used to be in a MMC iirc
17:28 JuanDaugherty MS AD is just their LDAP
17:29 JuanDaugherty whevever you admin domain controllers
17:31 bswork Correct. I know how to manage MS AD
17:47 Es0teric joined ##shibboleth
19:49 Es0teric joined ##shibboleth
20:51 Es0teric joined ##shibboleth

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary