[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP bind

To: "Jacob Metelitsa" <metelija@shu.edu>
Subject: Re: LDAP bind
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 19 Mar 2004 08:45:19 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <OFCEA63934.77226CEA-ON85256E5C.005825E4-85256E5C.0058E38D@ shu.edu>
References: <6.0.1.1.0.20040319074341.04b77b08@127.0.0.1> <OFCEA63934.77226CEA-ON85256E5C.005825E4-85256E5C.0058E38D@shu.edu>

The LDAP "simple" authentication is DN/password based.  If you want to instead authenticate
using username/password, then use another LDAP authentication mechanism, such as SASL/DIGEST-MD5
(which is LDAP's mandatory-to-implement strong authentication mechanism) or SASL/PLAIN.
Then you just needs to set up appropriate identity mapping.  This is discussed in the
Admin Guide section about SASL.

Another alternative is to search (by username) for the DN to authenticate as.  This method
is problematic as it requires the client have access to directory information prior to
the authentication.

Kurt

At 08:08 AM 3/19/2004, Jacob Metelitsa wrote:

>I am new to LDAP. 
>
>Could anyone help me with my bind dilemma, using the openLDAP C API: I know how to do a bind using a distinguished name like this: "CN=Jacob Metelitsa, OU=XXX, O=YYY". 
>
>However, what we have as our input data is a person's unique userid, which in our LDAP is called shortName. 
>
>How can I build a distinguished name using shortName? 
>
>Thank you, 
>
>Jacob Metelitsa
>Web Services
>Seton Hall University, Voice: (973)313-6344; Fax: (973)761-9600
>Email: metelija@shu.edu

References:
- Re: openldap and samba and local profiles
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- LDAP bind
  - From: "Jacob Metelitsa" <metelija@shu.edu>

Prev by Date: Re: Hosts on different subnets
Next by Date: slapadd: databse doesn't support ..... error
Index(es):
- Chronological
- Thread