[Date Prev][Date Next]
Re: Pass-Through authentication
On 14/11/10 18:29, Paulo Jorge N. Correia (paucorre) wrote:
> Hi all,
> I’m just starting with openLDAP and saslauth, and I’m trying to
> replicate what I can achieve with ADAM/AD LDS in Windows platform.
> I’m trying to use openldap to aggregate user information from several AD
> servers under different forests.
> So single point of contact from an LDAP perspective for an organization,
> and then openldap should pass-through the authentication request that
> receives to the AD DC of the respective user.
> This works well with /saslauthd /for a single domain/, but if I need to
> do this with multiple domains, I don’t know how to configure saslauthd./
saslauthd can only launch one LDAP search to find a user and check his
password. So if you're using several AD domains, you need to be able to
perform a single search over all those domains : set up a back-meta with
all the AD forests under it, and point saslauthd at that.