[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication using DN or uid?

Users should not need to memorize distinguished names. Many LDAP clients
search the directory for some attribute corresponding to a memorizable 
name (for example, "uid", or "mail") to map such a name to a
distinguished name, and then bind with that distinguished name to 
authenticate the user to the directory.

An alternative, which is to my knowledge not widely use by existing
clients, is to perform a SASL bind on behalf of the user and have the
server perform the user to distinguished name mapping. 

-- Luke

Luke Howard | PADL Software Pty Ltd | www.padl.com