Some advice on the Authentication mechanism to choose

I have recently upgraded to TeamCity Enterprise and I now have the option of using LDAP or NTLM authentication rather than the default username and password. Reading the documentation I am not very clear of the advantages of NTLM over simple authentication, does it allow users using IE or Firefox NOT to have to key in their credentials when accessing TeamCity (single signon)? In other terms will the browser provide the credentials automatically, or would this just replace TeamCity's user name and password with the ones in Active Directory?

Am I right to think that the advantage of LDAP authentication over NTLM in an Active Directory environment is the ability to synchronise user's details and nothing else?

Thanks,
Alex

3 comments
Comment actions Permalink

Alex,

What NT Authentication does is that users' names and passwords are checked against Windows domain users and not users list stored in TeamCity.Transparent NTLM authentication from the browser without user login form is not yet supported in TeamCity (you can vote for the feature).

LDAP Authentication has more complicated setup but provides additional features like user details and groups synchronization, configuration of user login name.

0
Comment actions Permalink

Yegor,

Thanks, I don't see a compelling reason to switch to NTLM or LDAP for now then.

Another small issue that I have is that currently when someone checks in their code, in the Projects tab is see their truncated domainname/account (i.e.  'mydomainname/...' ) next to the Artifacts and I have to expand the drop down each time to find out who has made the change. Since we are not using NTLM or LDAP authentication I assume this is taken from TFS, but I would have expected to see user's TeamCity's full name rather the domainname/account. I tried changing the Version Control Username Settings to include the domain name but to no avail.

Is this a known issue? Would switching to NTLM authentication fix this?

Thanks,
Alex

0
Comment actions Permalink

Alex,

Changes view displays username as reported by version control.

For now this is "as designed" behavior: mapping from VCS username to TeamCity user can be not definite.

Anyway, here is a feature request to display TeamCity user name, so you can comment/watch/vote for it.

0

Please sign in to leave a comment.