[Date Prev][Date Next]
Re: OpenLDAP authenticate the username/password with MS-AD?
On 20/07/10 11:00 +0600, OSHIM wrote:
anyone can clear to me about this line
To work, passwords for accounts will form OpenLDAP sasl) (account @ realm.
These two parameters, account, and the kingdom shall be forwarded to
saslauthd uses them in its LDAP filter to find the account in question.
That probably refers to a fully qualified username, such as
'firstname.lastname@example.org'. I'm not sure that a SASL realm parameter can be
passed using this method (sasl_checkpass).
Although saslauthd will support a fully qualified username if its backend
does, AD does not seem to support it (or a SASL realm parameter even).