[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Munging an OpenLDAP slapd server

I suggest you take a look at the backend interface (by
examining an existing simple backend, like back-passwd)
and/or the overlay interface (by examining an existing
simple overlay).  -- Kurt

At 03:14 PM 1/25/2006, J.Lance Wilkinson, 814-865-1818 wrote:
>>I think you could just use saslauthd to forward the password stuff to the 
>>KDC, to get whether or not they can bind?
>>Quanah Gibson-Mount
>>Principal Software Developer
>>ITSS/Shared Services
>>Stanford University
>>GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
>        Thanks for the response.  However, I'm not sure I expressed my need
>        correctly given your reply.
>        The bind stuff is done already from an earlier application, and it
>        works.  It's the SEARCH when it's in an anonymous bind state that I
>        need to implement.
>        When I'm bound to anonymously, I'll then receive a search with a
>        filter of (uid=xxx) to which I must a search result of a single entry,
>        a  DN of "uid=xxx,ou=zzz,dc=nn,dc=mm", and then get my munged slapd to
>        return that appropiately.  
>        Alternatively, If I decide I want to claim there are not matches
>        to the filter specified, I need to get my munged slapd to return 
>        the appropriate results for "search found nothing."
>        What I need help with is the anonymous search from the viewpoint of
>        slapd and its source files.   I need to know which slapd source
>        modules I'd need to change, how I'd find the uid=xxx value desired in
>        the search request received, how to return an unsuccessful search
>        result, and how to return a successful search result.
>        I'll apply these changes to the source tree for slapd, along with
>        the already changed bind.c code that implements satisfactorally the
>        non-anonymous bind against the KDC.
>+----"Never Underestimate the bandwidth of a station wagon full of mag tapes"--+
>| J.Lance Wilkinson ("Lance")           InterNet:  Lance.Wilkinson@psu.edu 
>| Systems Design Specialist - Lead      AT&T:      (814) 865-1818
>| Digital Library Technologies          FAX:       (814) 863-3560
>| 3 Paterno Library                             "I'd rather be dancing..." 
>| Penn State University             A host is a host from coast to coast,
>| University Park, PA 16802         And no one will talk to a host that's close
>| <postmaster@psulias.psu.edu>      Unless the host that isn't close
>| EMail Professional since 1978     Is busy, hung or dead.
>+---------"He's dead, Jim. I'll get his tricorder. You take his wallet."-------+
>                [apologies to DeForest Kelley, 1920-1999]
><A Href="http://perdita.lcs.psu.edu";>home page</a> 
><a Href="http://perdita.lcs.psu.edu/junkdec.htm";>junk mail declaration</a>
>--      /"\
>        \ /     ASCII RIBBON CAMPAIGN
>        X       AGAINST HTML MAIL
>        / \