LMS 2.6 Login issue

Answered Question
Aug 5th, 2008

I have a user that is able to login to LMS via TACACS/SecurID without a CW local login account, he gets guest privs, is this a bug, shouldn't he be unable to log in without a local account set up?

I have this problem too.
0 votes
Correct Answer by Joe Clarke about 8 years 4 months ago

Miheg is absolutely right. This has been the case since we introduced external login modules. Every user with a valid account in the external database will be allowed Help Desk access to LMS unless they have a local account in LMS granting them more access.

I used to have a patch for LMS 2.2 which worked around this. However, in LMS 2.5+ you have the option of using ACS integration. If you do full ACS integration, you can effectively prevent people with ACS accounts from having any access in LMS.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
miheg Tue, 08/05/2008 - 05:46

No, that is the intended behavior.

Guest or helpdesk level is what he gets.

Cheers,

Michel

Correct Answer
Joe Clarke Tue, 08/05/2008 - 08:44

Miheg is absolutely right. This has been the case since we introduced external login modules. Every user with a valid account in the external database will be allowed Help Desk access to LMS unless they have a local account in LMS granting them more access.

I used to have a patch for LMS 2.2 which worked around this. However, in LMS 2.5+ you have the option of using ACS integration. If you do full ACS integration, you can effectively prevent people with ACS accounts from having any access in LMS.

Actions

This Discussion