[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap for proxy AD

2013/11/20 Howard Chu <hyc@symas.com>:
> Clément OUDOT wrote:
>> 2013/11/19 Jason Brandt <jbrandt@fsmail.bradley.edu>:
>>> You are trying to authenticate through the credentials stored in your
>>> active
>>> directory servers, not the passwords stored in LDAP, correct?  If that is
>>> the case, then the easiest means to accomplish that are to use SASL for
>>> authentication.
> Or he could just read up on slapo-pbind.

Seems pbind overlay do not allow to have a different DN between
OpenLDAP and AD, am I right?

And also, with SASL delegation, you are able to choose which accounts
will use SASL pass trough, and which account will have their password
stored locally. Is it possible with pbind?