[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP bind

The LDAP "simple" authentication is DN/password based.  If you want to instead authenticate
using username/password, then use another LDAP authentication mechanism, such as SASL/DIGEST-MD5
(which is LDAP's mandatory-to-implement strong authentication mechanism) or SASL/PLAIN.
Then you just needs to set up appropriate identity mapping.  This is discussed in the
Admin Guide section about SASL.

Another alternative is to search (by username) for the DN to authenticate as.  This method
is problematic as it requires the client have access to directory information prior to
the authentication.


At 08:08 AM 3/19/2004, Jacob Metelitsa wrote:

>I am new to LDAP. 
>Could anyone help me with my bind dilemma, using the openLDAP C API: I know how to do a bind using a distinguished name like this: "CN=Jacob Metelitsa, OU=XXX, O=YYY". 
>However, what we have as our input data is a person's unique userid, which in our LDAP is called shortName. 
>How can I build a distinguished name using shortName? 
>Thank you, 
>Jacob Metelitsa
>Web Services
>Seton Hall University, Voice: (973)313-6344; Fax: (973)761-9600
>Email: metelija@shu.edu