[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pam/nss ldap authentication against ms exchange 5.5

To: openldap-software@OpenLDAP.org
Subject: Re: pam/nss ldap authentication against ms exchange 5.5
From: John Morrissey <jwm@horde.net>
Date: Thu, 21 Feb 2002 20:33:01 -0500
Content-disposition: inline
In-reply-to: <3C74F546.2C58095F@intersales.de>
References: <3C74F546.2C58095F@intersales.de>

On Thu, Feb 21, 2002 at 02:25:26PM +0100, Andrej Radonic wrote:
% we want to establish ldap authentication for linux redhat 7.2 machines
% against an existing exchange 5.5 (ldap) server.
% 
% while I have seen from different posts that querying using basic ldap
% clients like ldapsearch does work I have doubts whether the task of
% actually authenticating linux users on this basis can be done "out of
% the box".
% 
% as far as I know exchange does not store user passwords in its ldap db.
% rather it relies on the underlying win nt accounts.

I think the big problem you'll run into is that Exchange/Active Directory
doesn't store UID/GID information for users. I'm not sure how you'd go about
getting a valid UID/GID pair for your users who are logging into your Linux
machines.

One alternative might be to use pam_ldap to do user *authentication*, but
have local "accounts" in /etc/passwd in order to obtain UID/GID/home
directory information.

john
-- 
John Morrissey          _o            /\         ----  __o
jwm@horde.net        _-< \_          /  \       ----  <  \,
www.horde.net/    __(_)/_(_)________/    \_______(_) /_(_)__

References:
- pam/nss ldap authentication against ms exchange 5.5
  - From: Andrej Radonic <ar@intersales.de>

Prev by Date: Restricting Object Classes of Entries Added
Next by Date: Re: Newbie: Attributes
Index(es):
- Chronological
- Thread