[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Minimal OpenLDAP server source
<quote who="Joe Flowers">
> Gavin Henry wrote:
>>> The problem is that in many cases, to replace existing systems, I need
>>> to be able to intercept username and password credentials from an LDAP
>>> client, create the local or network account dynamically, perhaps
>>> perform
>>> some other setup functions, and then return a value LDAP return to the
>>> LDAP client that the authentication was successful.
>>>
>>
>> So, as well as a normal bind, from say ldapsearch, you need to do other
>> things if the bind was correct?
>>
>> So how would you stop any user/pass binding and an account getting
>> created?
>>
>
>
> I can/will do the the authoritative authentication pieces via Kerberos
> or native calls into NDS or AD or other LDAP calls or etc.
Understood.
>
>
>>
>>> I need a good snippet of LDAP server code to get me started, preferably
>>> in C.
>>>
>>
>> If all you are after is interception, I would advise writting an
>> OpenLDAP
>> Overlay that captures what you need and does the other things you want.
>>
>> Overlay are meant to be small and light, exactly what you need.
>>
>> This will be easier than pulling out code and will get OpenLDAP Overlays
>> into your head, which is always very handy.
>>
>
> Thanks Gavin. I'll look into Overlays then. Any experienced pointers
> where to look for example code?
Use the source! ;-)
Tips:
* Read servers/slapd/overlays/*
* collect.c is an example by Howard.
* Read slapover.txt in that directory too.
* Make sure you copy/reference ones that support dynamic config to work
well with 2.4.x (they'll have schema definitions embedded in them)
Nicely commented overlay at:
http://www.openldap.org/its/index.cgi/Contrib?id=4890;page=3
auditlog.c is nice and short (as should be all overlays, as that's their
point ;-) )
That should get you going.
Gavin.
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/