[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP & AD

To: Max_Ma@gmx.net, OpenLDAP-Software@OpenLDAP.org
Subject: Re: OpenLDAP & AD
From: Norbert Klasen <norbert.klasen@daasi.de>
Date: Mon, 18 Mar 2002 13:32:12 +0100
Content-disposition: inline
In-reply-to: <74313489.20020316180323@gmx.net>
References: <74313489.20020316180323@gmx.net>

--On Samstag, 16. März 2002 18:03 +0100 Max_Ma@gmx.net wrote:


What I would like to do is take the user from the win2k and put
them on openLDAP, or to make openLDAP ask to the Win2k DC for the
authentication of that user.

Is it possible in some way?

I suggest you use the Kerberos infrastructure provided by AD. To do so, your client applications need to use the GSSPI SASL mechanism in LDAP. You can then base your access controls on the SASL authentication identifiers (ie. Kerberos principals).

--
Norbert Klasen, Dipl.-Inform.
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de

References:
- OpenLDAP & AD
  - From: Max_Ma@gmx.net

Prev by Date: Re: open ldap and local user management?
Next by Date: Re: objectclass: top
Index(es):
- Chronological
- Thread