Main Nav

Message from bills@siu.edu

Is there any way to use imap client connected to gmail with saml 2? Or is syncing passwords to google the only way to make it work?

 

Thanks,

Bill Schablowsky
Information Technology
Southern Illinois University
Email: bills@siu.edu
Phone: 618-453-6611

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from chris@rhsmith.umd.edu

Hi Bill,

We are just in the process of implement Google Apps for our student population and have found that you cannot use SAML for authentication for anything other than web access. If you have SAML turned on then to access via IMAP, POP or Mobile clients, you'll need to set a Google password for the user. Whether you choose to sync their university password to their Google account (which can be done, the APIs are there although you can't salt the hashed password) or not is up to you. We've decided against synching the passwords (security folks had some concerns about sending campus credentials off campus no matter what encryption was used) and instead will be telling our users that if they wish to access their mail through a client or mobile device to login to their Google account and set the password of their choice.

Hope this helps!

Christopher Gleeson
Network Engineer
Office of Smith IT
Robert H. Smith School of Business
3520L Van Munching Hall
University of Maryland
College Park, MD  20742-1815
301 541 8455 TEL
chris@rhsmith.umd.edu
http://www.rhsmith.umd.edu
http://training.rhsmith.umd.edu
http://www.rhsmith.umd.edu/smithit

** Remember, the Office of Smith IT will never ask for your username and password in an email **


William Schablowsky ---04/03/2012 02:55:18 PM---Is there any way to use imap client connected to gmail with saml 2? Or is syncing passwords to googl

From: William Schablowsky <bills@SIU.EDU>
To: GOOGLEAPPS@LISTSERV.EDUCAUSE.EDU,
Date: 04/03/2012 02:55 PM
Subject: [GOOGLEAPPS] imap with saml 2
Sent by: The EDUCAUSE Google Apps Constituent Group Listserv <GOOGLEAPPS@LISTSERV.EDUCAUSE.EDU>



Is there any way to use imap client connected to gmail with saml 2? Or is syncing passwords to google the only way to make it work?
 
Thanks,
Bill Schablowsky
Information Technology
Southern Illinois University
Email: bills@siu.edu
Phone: 618-453-6611
 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We've created an app on our password management web page that assigns a random "device" password (via admin API) to our users to ensure they don't set the campus password at Google. 
/a