
Re: LDAP and WinNT Authentication



Hi,

> i'm still lost on the security layer that sasl provides over ssl/tls... is
> there an easy way of explaining it? or is there a doc somewhere that helped
> you understand it?

The notes I wrote here
http://www.enic.fr/people/landru/lobster/openldap/OpenLDAP-authenticating-with-PAM.txt
are the result of my own experience. The difficulty resides in the fact that
you must assemble several environments (PAM, SASL, LDAP, NT Domain,
SSL/TLS...). Some are well documented, others less. Good knowledge to
aggregate all the information about these environments is not easy to gain.
In my case SSL/TLS experience is missing. It's my next step... on that Grail
quest way.

A step-by-step approach and tests are needed. If there is a "test kit" for
one environment, you have to "play" with it before applying it to your own
environment. This is the case for SASL with sample-server and sample-client.
Unfortunately this sample has poor documentation.
I spent a lot of time with the docs and I browsed the mailing list history of
all the environments...
Don't disregard web search engines (Google, AltaVista,... my preference is
for Copernic) with associated keywords.

Until now, I've not found any global documentation for all that domain.

These two URLs

http://www.bayour.com/kerberos/Kerberos-MiniHOWTO.html

http://www.enic.fr/people/landru/lobster/openldap/OpenLDAP-authenticating-with-PAM.txt

are the sole attempts I know of today.

Jacques Landru

----- Original Message -----
From: "dino bartolome" <dino@pobox.com>
To: "Jacques Landru" <landru@enic.fr>
Sent: Thursday, May 31, 2001 3:30 PM
Subject: Re: LDAP and WinNT Authentication


> i'm still lost on the security layer that sasl provides over ssl/tls... is
> there an easy way of explaining it? or is there a doc somewhere that helped
> you understand it?
> ----- Original Message -----
> From: "Jacques Landru" <landru@enic.fr>
> To: "Jackson, Dan" <djackson@sud-chemieinc.com>;
> "'openldap-software@openLDAP.org'" <openldap-software@OpenLDAP.org>
> Sent: Tuesday, May 29, 2001 9:22 AM
> Subject: Re: LDAP and WinNT Authentication
>
>
> > To avoid password synchronisation, I authenticate openldap users on NT
> > PDC.
> > Maybe some information in this presentation can help.
> >
> > http://www.enic.fr/people/landru/lobster/openldap/OpenLDAP-authenticating-with-PAM.txt
> >
> > Jacques Landru
> >
> > ----- Original Message -----
> > From: "Jackson, Dan" <djackson@sud-chemieinc.com>
> > To: "'openldap-software@openLDAP.org'" <openldap-software@OpenLDAP.org>
> > Sent: Tuesday, May 29, 2001 3:04 PM
> > Subject: LDAP and WinNT Authentication
> >
> >
> > > Does anyone know how to synch passwords between WinNT and OpenLdap
> > > automatically w/out the user having to do it?
> > >
> > > Dan Jackson
> > >
> >
>
>