Bill, I am now attempting to configure the authentication scheme in APEX using LDAP, but I can't figure out exactly what I need to put in the distinguished name string. I could probably use the LDAP Username Edit Function to connect to LDAP using sAMAccountName@domain and get the DN from there... Or define my own custom authentication scheme and create a function that performs the authentication. How did you approach the authentication scheme? thanks for your reply Cheers Alan.- On Thu, Jan 12, 2012 at 10:23 AM, Bill Ferguson <wbfergus@xxxxxxxxx> wrote: > I'm authenticating against our AD for my APEX apps. I don't have OID > or any of that other, expensive stuff, so I use a similar routine. > Once I query AD, I grab whatever information is there and store it in > a collection, and then I parse the collection for the 'MemberOf' > enties. I actually setup groups in AD for my different types of users, > so once I figure out which group they belong in, then I login them > into APEX with those permissions. The hardest part of the whole thing, > since I knew absolutely nothing about AD prior to this (and I barely > know a little more now), was that when I authenticated the user, I had > to specify (pre-pend), the domain to their SAMAccountName, so it was > 'domain/SAMAccountName'. After I figured that part out, the rest > worked smoothly. > > Not sure if this is the same problem you're running into, but maybe it > helps. > > > -- > -- Bill Ferguson > -- //www.freelists.org/webpage/oracle-l