[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unix authentication in corporate AD

To: "Edsall, William (WJ) " <WJEdsall@dow.com>
Subject: Re: Unix authentication in corporate AD
From: Dan White <dwhite@olp.net>
Date: Wed, 1 Sep 2010 16:12:24 -0500
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <52CD990A674498429E6A7B4FCAE3F7D304F0F562@USMDLMDOWX025.dow.com>
References: <52CD990A674498429E6A7B4FCAE3F7D304F0F562@USMDLMDOWX025.dow.com>
User-agent: Mutt/1.5.20 (2009-06-14)

On 01/09/10 12:05 -0400, Edsall, William (WJ)  wrote:

Hello,
Just a few questions regarding authenticating OpenLDAP (centos 5.4) to
windows active directory.

I'm able to bind, I've confirmed this by changing the bind password, and
then the bind attempt fails. However I'm unable to authenticate.


Could you clarify a few items?

Are you binding directly to an OpenLDAP server or an Active Directory
Server?

Which password are you changing, the user's password in Active Directory?

My attempt is always as follows:
su: user blabla does not exist


With regards to OpenLDAP, a successful bind is a success authentication.

With something like su, your trouble may be related to a 3rd party PAM or
NSS module. How does su authenticate in your environment?

--
Dan White

References:
- Unix authentication in corporate AD
  - From: "Edsall, William (WJ) " <WJEdsall@dow.com>

Prev by Date: custom hostname for openldap/sasl is not working
Next by Date: Re: custom hostname for openldap/sasl is not working
Index(es):
- Chronological
- Thread