[Date Prev][Date Next]
>Proxy Just Binds/Authentications from another LDAP?
- To: firstname.lastname@example.org
- Subject: >Proxy Just Binds/Authentications from another LDAP?
- From: Don Hoover <email@example.com>
- Date: Wed, 3 Feb 2010 10:59:35 -0800 (PST)
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1265223575; bh=FPBSZAcCilK7wgUooSH+LzbceqCoBR07qu5Y+iV4lzQ=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=RZ1fWSAn5RG3eUE4h/uCRSD13KxvsJiXFps4AlPbrFeFFzr4+f4c6oT2Jb4TzMHJqeRWbFZNhmpAoP65ocXoykH2ZC0SlipI44KbPRR7e2teHF2FH0/3jbEwC7jGbO1vCBXl/I5ozPR+8zI+aXUOrg0QP9nYAMiHaJvZnDUU+5k=
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=I7UOpN5TSg4LMQ2mB0onDCHMzrKPBpvdYWSNajs9zCJIro7WghcEa1SwMx+8rIU5Zkb0CbzHQO6FugYl33uhfSW//hQ/5Zia/C4mxuB3K3XnZN5OpVT75MtwgSpVNlN8BeKxuyg76AuuEkcAg7/PH7++7kBdTDY30+tgot2+GoQ=;
Well, I have been working on this question and have had an idea.
Would a way to accomplish this is by using SASL? It took me about 10 minutes to figure out how to configure saslauthd to verify binds to the other LDAP server.
Openldap can use SASL right? So I just need to get slapd to use SASL to verify the binds to the other external ldap server.
So I would have:
ldapclient bind request-> openldap slapd -> SASL-> external ldap server bind
Is this a good idea?
I don't see how to make slapd use the sasl server for this though, the only examples I can find are to use kerberos.
Any ideas on how to get slapd to just use sasl like I have it setup?