[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Authentication process in openldap?
On Fri, 13 Oct 2000, Kurt D. Zeilenga wrote:
> At 10:36 PM 10/12/00 -0400, Salvador Ramirez wrote:
> >I'm trying to do netscape roaming with openldap. For this purpose
> >I have created some user's entries that includes the userPassword
> >attribute. This password was set by ldappasswd command. I'm quite
> >trouble figuring out how the openldap server authenticate the roaming
> >user. I compiled the openldap server with sasl support so it perhaps
> >is trying to authenticate the DN/password supplied in the netscape's
> >GUI against the sasl database and not the userPassword attribute
> >of the user's directory entry?
>
> This Netscape client only supports simple bind. OpenLDAP only
> supports simple bind through use of the userPassword attribute.
> That attribute however can indicate that server should use an
> external service to validate the user's password. 2.0 supports
> {UNIX}, {KERBEROS}, and {SASL}. The string after the scheme
> should be user identity of the user in the external service.
OK, thanks. But could be happens if I used ldappasswd with the -x
option so the password is in the userPassword attribute but
netscape still answer me with me that something faild on the
authentication with the openldap server. Of course I double checked
that the openldap server is running and that the configuration on
the netscape client is ok?
I looked at the debug output but it is quite unreadable for me,
could I include it on a email?
---sram
"Don't listen to what I say; listen to what I mean!" --Feynman
Salvador Ramirez Flandes PROFC, Universidad de Concepcion, CHILE
http://www.profc.udec.cl/~sram mailto:sram@profc.udec.cl