[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP authenticate the username/password with MS-AD?



On 20/07/10 11:00 +0600, OSHIM wrote:
anyone can clear to me about this line

To work, passwords for accounts will form OpenLDAP sasl) (account @ realm.
These two parameters, account, and the kingdom shall be forwarded to
saslauthd uses them in its LDAP filter to find the account in question.

That probably refers to a fully qualified username, such as
'jsmith@example.net'. I'm not sure that a SASL realm parameter can be
passed using this method (sasl_checkpass).

Although saslauthd will support a fully qualified username if its backend
does, AD does not seem to support it (or a SASL realm parameter even).

--
Dan White