Howard Chu wrote:
Clément OUDOT wrote:
2014-07-04 14:57 GMT+02:00 Rogério Augusto Rondini <rarondini.paradygma@gmail.com mailto:rarondini.paradygma@gmail.com>:
Hi folks, I need to implement password sync between AD and OpenLDAP using an IDMtool.
I want to know how to capture clear text password in OpenLDAP before encryption so that I can sync with AD and potentially with others user repositories.There is also Microsoft's SSO plugin. Discussed it briefly here http://www.openldap.org/lists/openldap-devel/200811/msg00045.html
Isn't that the other way round?
The original poster wrote: "I want to know how to capture clear text password in OpenLDAP"
So pointing to e.g. slapo-smbk5pwd source would be the right, wouldn't it?
It's been several years since I last looked at this. I just pulled down the Unix source code again today, it appears to only support IPv4 as it uses 32 bit IP addresses when generating the session keys for its exchange.
If you need AD->LDAP direction IIRC the Windows part of 389's DC password interceptor is also open source.
Ciao, Michael.