[Date Prev][Date Next]
Re: Munging an OpenLDAP slapd server
I suggest you take a look at the backend interface (by
examining an existing simple backend, like back-passwd)
and/or the overlay interface (by examining an existing
simple overlay). -- Kurt
At 03:14 PM 1/25/2006, J.Lance Wilkinson, 814-865-1818 wrote:
>>I think you could just use saslauthd to forward the password stuff to the
>>KDC, to get whether or not they can bind?
>>Principal Software Developer
>>GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
> Thanks for the response. However, I'm not sure I expressed my need
> correctly given your reply.
> The bind stuff is done already from an earlier application, and it
> works. It's the SEARCH when it's in an anonymous bind state that I
> need to implement.
> When I'm bound to anonymously, I'll then receive a search with a
> filter of (uid=xxx) to which I must a search result of a single entry,
> a DN of "uid=xxx,ou=zzz,dc=nn,dc=mm", and then get my munged slapd to
> return that appropiately.
> Alternatively, If I decide I want to claim there are not matches
> to the filter specified, I need to get my munged slapd to return
> the appropriate results for "search found nothing."
> What I need help with is the anonymous search from the viewpoint of
> slapd and its source files. I need to know which slapd source
> modules I'd need to change, how I'd find the uid=xxx value desired in
> the search request received, how to return an unsuccessful search
> result, and how to return a successful search result.
> I'll apply these changes to the source tree for slapd, along with
> the already changed bind.c code that implements satisfactorally the
> non-anonymous bind against the KDC.
>+----"Never Underestimate the bandwidth of a station wagon full of mag tapes"--+
>| J.Lance Wilkinson ("Lance") InterNet: Lance.Wilkinson@psu.edu
>| Systems Design Specialist - Lead AT&T: (814) 865-1818
>| Digital Library Technologies FAX: (814) 863-3560
>| 3 Paterno Library "I'd rather be dancing..."
>| Penn State University A host is a host from coast to coast,
>| University Park, PA 16802 And no one will talk to a host that's close
>| <email@example.com> Unless the host that isn't close
>| EMail Professional since 1978 Is busy, hung or dead.
>+---------"He's dead, Jim. I'll get his tricorder. You take his wallet."-------+
> [apologies to DeForest Kelley, 1920-1999]
><A Href="http://perdita.lcs.psu.edu">home page</a>
><a Href="http://perdita.lcs.psu.edu/junkdec.htm">junk mail declaration</a>
> \ / ASCII RIBBON CAMPAIGN
> X AGAINST HTML MAIL
> / \