[Date Prev][Date Next]
sasl-authz-policy -- Proxy Authentication??
- To: OpenLDAP-software@OpenLDAP.org
- Subject: sasl-authz-policy -- Proxy Authentication??
- From: Brock Noland <firstname.lastname@example.org>
- Date: Mon, 22 Nov 2004 18:00:36 -0600
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=Dn0bKMCBmotXnhWW06xORmMhc3NV5nnT0cX6FOOXDu15/deYarFEdjOyQi2A6QLkRWpTiykXLdUr17yIZpvTxJ8Kli8S79quoAe0pTvAuRzSadlhCuVJvi+Sp3up1ws8EZHys1ELRMeOxMmvqLqb0Lly5PTkb29S9yV0g9O+G4k=
Let me give you a quick low down:
I work for a large university that uses radius for authentication.
This is the only way I can authenticate my user base. I want to run a
LDAP server for my user base but I cannot store the passwords. The
passwords must be stored on the radius srever (which I do not run).
1) Is it possible to use "SASL Proxy Authorization" to get these
softwares to work together? In other words to get the LDAP server to
look to the radius server for authentication?
2) If the University ran an LDAP server that provided authenticaton
could I run an LDAP server that stored MY information, but would look
to the other LDAP server for authentication?
Thanks for any help!
"There is one and only one social responsibility of business - to use
its resources and engage in activities designed to increase its
profits so long as it stays within the rules of the game, which is to
say, engages in open and free competition without deception or fraud."
Nobel Laureate Milton Friedman