
Re: Ldap challenge



2015-04-24 19:02 GMT+02:00 Dan White <dwhite@cafedemocracy.org>:
> On 04/22/15 20:08 +0000, Ross, Daniel B. wrote:
>>
>> OK, I have looked at a couple of options but I really don't know how to
>> accomplish what I need to do.
>>
>> Here is what I am trying to do.
>>
>>
>> I have a greater organization that is stuck on using Microsoft products,
>> namely Microsoft LDS. To make matters worse, they present the data to my
>> Linux servers in a completely non-standard way. It's driving my Solaris
>> and Linux boxes nuts and they simply don't want to work with it.
>>
>> What I need to do is continue to use the campus usernames and passwords
>> but present the data in a format that my Linux/Unix hosts can use. Is
>> this possible?
>>
>> i.e. userid would still be samwise but instead of a bizarre
>> OU=monkeypeople,dc=example,dc=com I want it to present as
>> people,dc=example,dc=com.
>>
>> I looked at referral and aliasing but it does not seem to be doing what I
>> am trying to do. Passthrough authentication looks close but I can't find
>> sufficient documentation to actually configure a system to use it.
>
>
> See slapo-rwm(5).
>
> Pass-through is documented in section 14.5 of the Administrator's Guide:
>
> http://www.openldap.org/doc/admin24/
>
> Supporting Cyrus SASL documentation:
>
> http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/
> And /saslauthd/LDAP_SASLAUTHD within the Cyrus SASL source.
>
> You'll find workable pass-through examples for authenticating to Exchange
> in this list's archives as well as the Cyrus SASL list archives. The 'ldap'
> and 'kerberos5' saslauthd backends should both be workable solutions.


Hi,

You can also find documentation on SASL delegation here:
http://ltb-project.org/wiki/documentation/general/sasl_delegation


Clément.
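
A slapd.conf fragment for the slapo-rwm approach mentioned in this thread, added here as an example and not written by any of the posters. It assumes an OpenLDAP 2.4 proxy in front of the campus directory; the host name lds.example.com, the module path and the ou=people virtual suffix are assumptions, and the real suffix is the one quoted in the original question.

```conf
# Added example, not from the thread. Host name, module path and the
# "ou=people" virtual suffix are assumptions for illustration.

# Needed only when back-ldap and rwm are built as loadable modules.
modulepath      /usr/lib/ldap
moduleload      back_ldap
moduleload      rwm

# Proxy database: local clients query the virtual suffix; slapd forwards
# every operation, including simple binds, to the upstream directory.
# Campus usernames and passwords are therefore still checked upstream and
# no password hashes are stored on the proxy.
database        ldap
suffix          "ou=people,dc=example,dc=com"

# Use ldaps:// (or StartTLS) to the upstream server: bind passwords are
# relayed over this connection. Set up CA verification as described in
# slapd-ldap(5) so the proxy does not accept an unverified certificate.
uri             "ldaps://lds.example.com"

# Do not follow referrals returned by the upstream server; they would
# point clients' requests outside the rewritten naming context.
chase-referrals no

# rwm rewrites DNs in both directions:
#   client sees:   uid=samwise,ou=people,dc=example,dc=com
#   upstream sees: uid=samwise,OU=monkeypeople,dc=example,dc=com
overlay         rwm
rwm-suffixmassage "ou=people,dc=example,dc=com" "OU=monkeypeople,dc=example,dc=com"
```

Because binds are proxied, restrict who can reach the proxy and require TLS on the client side as well, so that relayed passwords never cross the network in clear text.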