The problem is that in many cases, to replace existing systems, I need
to be able to intercept username and password credentials from an LDAP
client, create the local or network account dynamically, perhaps perform
some other setup functions, and then return a value LDAP return to the
LDAP client that the authentication was successful.
So, as well as a normal bind, from say ldapsearch, you need to do other things if the bind was correct?
So how would you stop any user/pass binding and an account getting created?
I need a good snippet of LDAP server code to get me started, preferably
in C.
If all you are after is interception, I would advise writting an OpenLDAP Overlay that captures what you need and does the other things you want.
Overlay are meant to be small and light, exactly what you need.
This will be easier than pulling out code and will get OpenLDAP Overlays
into your head, which is always very handy.
Thanks again,
Joe