On 01/23/13 17:00 +0100, Julius Plenz wrote:
Hi,
I'm writing an preoperation authentication plugin for OpenLDAP, but I have trouble finding any documentation whatsoever on this. So most of what I know comes from tutorials like this one from Oracle: http://docs.oracle.com/cd/E19099-01/nscp.dirsvr416/816-6683-10/custauth.htm
P.S.: What I'm actually trying to achieve is to do RADIUS authentification via an external library. But I want to send the client's IP in a Calling-Station-Id attribute, so I cannot simply write a password check function, right? If you got any ideas that are better than a preop module, please tell me...
You should be able to accomplish this via a SASL mechanism (and possibly an existing one), which would not require any code changes within slapd or client libraries. See sasl_server_new(3) and its ipremoteport parameter.