[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP authenticate the username/password with MS-AD?

On 19/07/10 18:37 +0200, Jonathan Clarke wrote:
Le 19/07/2010 18:07, OSHIM a écrit :
I have added into /etc/ldap/slapd.conf
sasl-host localhost
sasl-secprops none

and also have created usr/lib/sasl2/slapd.conf and have added following
two lines
pwcheck_method: saslauthd
saslauthd_path: / var / run / saslauthd / mux

With this configuration, saslauthd should be called for simple (non-sasl) binds.

Have you set the userPassword attribute in your OpenLDAP entry to "{SASL}swioshim@something" ? And compiled OpenLDAP using the --enable-spasswd switch ?

Thank Jonathan.

I was not aware of that authentication method. That opens up a lot more
opportunities for passthough authentication to AD.

Dan White