[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Pass-Through authentication



On 14/11/10 18:29, Paulo Jorge N. Correia (paucorre) wrote:
> Hi all,
> 
> I’m just starting with openLDAP and saslauth, and I’m trying to
> replicate what I can achieve with ADAM/AD LDS in Windows platform.
> 
>  
> 
> I’m trying to use openldap to aggregate user information from several AD
> servers under different forests.
> 
>  
> 
> So single point of contact from an LDAP perspective for an organization,
> and then openldap should pass-through the authentication request that
> receives to the AD DC of the respective user.
> 
>  
> 
> This works well with /saslauthd /for a single domain/, but if I need to
> do this with multiple domains, I don’t know how to configure saslauthd./

saslauthd can only launch one LDAP search to find a user and check his
password. So if you're using several AD domains, you need to be able to
perform a single search over all those domains : set up a back-meta with
all the AD forests under it, and point saslauthd at that.

Jonathan