[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap for proxy AD

To: Howard Chu <hyc@symas.com>
Subject: Re: Openldap for proxy AD
From: Clément OUDOT <clem.oudot@gmail.com>
Date: Wed, 20 Nov 2013 11:05:31 +0100
Cc: wrm@cdtn.br, Jason Brandt <jbrandt@fsmail.bradley.edu>, "openldap-technical@OpenLDAP.org" <openldap-technical@openldap.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=97/ToIFjUG43+twUckKt1mM0A33sZDx3fvS2kQDWjT0=; b=NtoBUikbd7x9IIWMAM8nywD6AqorLQD0PEAHggzCSxKxuMr0Qc4/KyCWODENlQXtpj je/Hm88oP2igIDOWTYEMZrTzzu+HINYhsHY9X91OcNe8ycP17Kfr8MVAjVN/iLb4pUOZ 1kloK1pLLTV6yhEJYqqasHenEdV4m5Qb1hcGrFr+/fvLRdZLyLMfZ9Xsxm3/aWDZyG7F Kw7uxleozxqstHfQWx12XTUgFNnVW/+lSHU1NTyEv+vi5/1Fmtb/qtuOTkQohc7oBEJ6 JnSen9BF8HnW/G0xaDISEiBBOll8JJkaLNugG3RH/5nuGC++JnlSckJo5mJAgp9Iu+8o fk7Q==
In-reply-to: <528C72AF.3060407@symas.com>
References: <21c0b36fe18b07698e7053e931e6a583.squirrel@webmail.cdtn.br> <CAJ-t26qc2pgBBaVisrEhUxSZ9rKtoN93MpscQ8VsD4E5t4ciFg@mail.gmail.com> <CAK_oV48tr71Qhb494faNL0GVbHGO4Bb0nAO+iWuoweYKH_JeRg@mail.gmail.com> <528C72AF.3060407@symas.com>

2013/11/20 Howard Chu <hyc@symas.com>:
> Clément OUDOT wrote:
>>
>> 2013/11/19 Jason Brandt <jbrandt@fsmail.bradley.edu>:
>>>
>>> You are trying to authenticate through the credentials stored in your
>>> active
>>> directory servers, not the passwords stored in LDAP, correct?  If that is
>>> the case, then the easiest means to accomplish that are to use SASL for
>>> authentication.
>
>
> Or he could just read up on slapo-pbind.

Seems pbind overlay do not allow to have a different DN between
OpenLDAP and AD, am I right?

And also, with SASL delegation, you are able to choose which accounts
will use SASL pass trough, and which account will have their password
stored locally. Is it possible with pbind?

Clément.

References:
- Openldap for proxy AD
  - From: wrm@cdtn.br
- Re: Openldap for proxy AD
  - From: Jason Brandt <jbrandt@fsmail.bradley.edu>
- Re: Openldap for proxy AD
  - From: Clément OUDOT <clem.oudot@gmail.com>
- Re: Openldap for proxy AD
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Slapd sometimes stucks: slapd shutdown: waiting for N operations/tasks to finish
Next by Date: Re: Openldap for proxy AD
Index(es):
- Chronological
- Thread