[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Active Directory



by no means you can get password except you get it from a form input.

1) create a form with username and password
2) authenticate through AD. 
3) if it is authenticated, keep username and password pair

-----Original Message-----
From: Ron Wahler [mailto:ron@rovingplanet.com]
Sent: Tuesday, April 22, 2003 9:58 AM
To: Vishal Khanna; Christian Pohl
Cc: openldap-software@OpenLDAP.org
Subject: RE: Active Directory



I was able to authenticate to AD by sending user name and password
To AD, but I want to get the password from AD and authenticate
on Linux.

Ron.

-----Original Message-----
From: Vishal Khanna [mailto:vishal.khanna@aitpl.co.in] 
Sent: Tuesday, April 22, 2003 5:48 AM
To: Christian Pohl
Cc: openldap-software@OpenLDAP.org
Subject: Re: Active Directory

Christian
Were you able to authenticate users from ADS...using OpenLDap..
Vishal

Christian Pohl wrote:
> Ron Wahler wrote:
> 
>> I need access to Active Directory User passwords from
>> A remote client.  I would like to use ldapsearch has anyone
>>
>> Configured a client to do that ?   what other tools do I need ?
>>
>>  
>>
>> Thanks,
>>
>> Ron.
>>
>>
> 
> I used this config to _change_ the password. Perhaps it works also for

> reading.
> 
> 1. Enable SSL for ldap (Microsoft Knowledgebase Article 247078)
> 2. Root Certificate to openldap-tools: 
> (openldap:.../etc/openldap/ldap.conf:   TLS_CACERT 
> /path/to/pem/ca/cert.crt)
> 5. connect to server here: write new password
>  ldapmodify -H ldaps://myadserver.company.de -D 
> "cn=administrator,cn=users,dc=mydomain,dc=mycountry" -w -f myldif.ldif
> 
> Remark: the servername in the subject _must_ match the one used in the

> connect string.
> 
> See:
> 247078 HOWTO: Enable Secure Socket Layer (SSL) Communication Over LDAP

> For Windows 2000 Domain Controllers
> 269190 HOWTO: Change a Windows 2000 User's Password Through LDAP
> 
> Perhaps this helps.
> 
> Kind regards,
> 
> Chris
>