[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: bind using username instead of dn

To: "Frank Swasey" <Frank.Swasey@uvm.edu>, "Joe Grastara" <joe@endeavor.med.nyu.edu>
Subject: RE: bind using username instead of dn
From: Francois Beretti <francois.beretti@enatel.com>
Date: Tue, 17 Jun 2003 13:50:20 +0200
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <Pine.LNX.4.53.0306170719530.16553@robin.uvm.edu>

another way (I think) :
use an sasl mechanism (e.g. digest-md5 that is easy to set up)
then do an sasl bind with username and password as credentials, and set up a
regex mapping in your slapd.conf to map authentication identity (with sasl
it looks like uid=toto,cn=digest-md5,cn=auth) to a directory entry

Francois

> -----Message d'origine-----
> De : owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]De la part de Frank Swasey
> Envoye : mardi 17 juin 2003 13:21
> A : Joe Grastara
> Cc : openldap-software@OpenLDAP.org
> Objet : Re: bind using username instead of dn
>
>
> On Jun 16 at 3:36pm, Joe Grastara wrote:
>
> > I was wondering if anyone knew of a way to allow users to bind to slapd
> > using a username instead of a distinguished name.
>
> Can't be done (at least not directly).
>
> The process is:
>
> get the username and password
> do an anonymous search for uid=username
> bind with the returned dn and the password
>
> --
> Frank Swasey                    | http://www.uvm.edu/~fcs
> Systems Programmer              | Always remember: You are UNIQUE,
> University of Vermont           |    just like everyone else.
>                     === God Bless Us All ===
>

References:
- Re: bind using username instead of dn
  - From: Frank Swasey <Frank.Swasey@uvm.edu>

Prev by Date: Re: bind using username instead of dn
Next by Date: Re: bind using username instead of dn
Index(es):
- Chronological
- Thread