Hi, what I am trying to achieve is to have both a Shibboleth IdP and an Imap server (that's why different IPs) authenticate against openldap, with different credentials. My aim is to let Openldap handle this difference and let the Imap and IdP server unaware of this, they'd just need to do a simple bind. Thanks again, Stefano
Stefano Zanmarchi wrote:
Hi, what I am trying to achieve is to have both a Shibboleth IdP and an Imap server (that's why different IPs) authenticate against openldap, with different credentials. My aim is to let Openldap handle this difference and let the Imap and IdP server unaware of this, they'd just need to do a simple bind.
Well, if you don't have a requirement of different credentials, you could use a multi-valued userPassword, and have it replaced by a single, common value at the first update. This would allow you to ignore the IP the bind request comes from, since the bind would succeed as soon as one of the values of userPassword matches the incoming credentials.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------
openldap-technical@openldap.org
-
Pierangelo Masarati -
Stefano Zanmarchi