[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP authenticate the username/password with MS-AD?

To: Jonathan Clarke <jonathan@phillipoux.net>
Subject: Re: OpenLDAP authenticate the username/password with MS-AD?
From: Dan White <dwhite@olp.net>
Date: Mon, 19 Jul 2010 12:16:35 -0500
Cc: OSHIM <mhoshim@gmail.com>, "andrew.findlay@skills-1st.co.uk" <andrew.findlay@skills-1st.co.uk>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <4C447F66.4000404@phillipoux.net>
References: <E4481F58-15BD-4F86-9F79-194097713D79@gmail.com> <20100718173105.GE12404@dan.olp.net> <4EBC8E86-1E19-46CD-964F-F57D35B2CCB5@gmail.com> <20100718185730.GF12404@dan.olp.net> <B6960B5A-ED62-4B22-B385-19DC27940265@gmail.com> <4C442DFA.4030405@phillipoux.net> <65EE30A8-5409-4842-8991-D252A3442473@gmail.com> <20100719155742.GD2510@dan.olp.net> <2C6C1BAD-83AB-49A5-9C94-C0C55C0C3639@gmail.com> <4C447F66.4000404@phillipoux.net>
User-agent: Mutt/1.5.18 (2008-05-17)

On 19/07/10 18:37 +0200, Jonathan Clarke wrote:

Le 19/07/2010 18:07, OSHIM a écrit :
I have added into /etc/ldap/slapd.conf
sasl-host localhost
sasl-secprops none

and also have created usr/lib/sasl2/slapd.conf and have added following
two lines
pwcheck_method: saslauthd
saslauthd_path: / var / run / saslauthd / mux
With this configuration, saslauthd should be called for simple(non-sasl) binds.
Have you set the userPassword attribute in your OpenLDAP entry to"{SASL}swioshim@something" ? And compiled OpenLDAP using the--enable-spasswd switch ?


Thank Jonathan.

I was not aware of that authentication method. That opens up a lot more
opportunities for passthough authentication to AD.

--
Dan White

References:
- OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Jonathan Clarke <jonathan@phillipoux.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Jonathan Clarke <jonathan@phillipoux.net>

Prev by Date: Re: accesslog overlay doesnt work
Next by Date: Re: OpenLDAP authenticate the username/password with MS-AD?
Index(es):
- Chronological
- Thread