Ganesh Borse wrote: > I am new to OpenLDAP. We are migrating our application (integrated with > webserver) from Windows to FreeBSD. > > However, this is adding a bit of a problem. Previously, I used Microsoft > SSPI authentication loop mechanism to authenticate the users connecting > from GUI client (launched from computers in MS active directory) to our > application. AD authentication helped avoid maintaining separate passwords. > > Now, since we are moving to FreeBSD and web based interface, it is > difficult to use the same SSPI mechanism and so, the users connecting to > this application from web browser can be authenticated using the AD > credentials. You should rather try to learn about WebSSO with SPNEGO/Kerberos. Personally I have configured CAS with SPNEGO/Kerberos and LDAP fallback for password checking for some customers. There might be other decent WebSSO implementations with support for that. But this is highly off-topic here. So don't follow up on OpenLDAP lists. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature