Re: OpenLDAP authenticate the username/password with MS-AD?

On 19/07/10 18:37 +0200, Jonathan Clarke wrote:

Le 19/07/2010 18:07, OSHIM a écrit :

...

I have added into /etc/ldap/slapd.conf sasl-host localhost sasl-secprops none

and also have created usr/lib/sasl2/slapd.conf and have added following two lines pwcheck_method: saslauthd saslauthd_path: / var / run / saslauthd / mux

With this configuration, saslauthd should be called for simple (non-sasl) binds.

Have you set the userPassword attribute in your OpenLDAP entry to "{SASL}swioshim@something" ? And compiled OpenLDAP using the --enable-spasswd switch ?

Thank Jonathan.

I was not aware of that authentication method. That opens up a lot more opportunities for passthough authentication to AD.