Hi,
Is there a way to integrate Openldap ldap server with Windows Server Active Directory wherein AD will act as Authentication and Openldap will be setup for Authorization?
Any help will be highly appreciable.
Regards,
Kaushal
2015-11-16 13:45 GMT+01:00 Kaushal Shriyan kaushalshriyan@gmail.com:
Hi,
Is there a way to integrate Openldap ldap server with Windows Server Active Directory wherein AD will act as Authentication and Openldap will be setup for Authorization?
Any help will be highly appreciable.
Hi,
you can configure OpenLDAP to delegate authentication to AD, either trough GSSAPI, either with SASL passwords. For the last solution, see http://ltb-project.org/wiki/documentation/general/sasl_delegation
I also often synchronize OpenLDAP and AD thanks to LSC project, see http://lsc-project.org/wiki/documentation/tutorial/openldaptoactivedirectory
Clément.
Thanks a Lot Clement. I will go through it and ask questions here if i have any during setup.
Regards,
Kaushal
On Tue, 17 Nov 2015 at 16:17 Clément OUDOT clem.oudot@gmail.com wrote:
2015-11-16 13:45 GMT+01:00 Kaushal Shriyan kaushalshriyan@gmail.com:
Hi,
Is there a way to integrate Openldap ldap server with Windows Server Active Directory wherein AD will act as Authentication and Openldap will be setup for Authorization?
Any help will be highly appreciable.
Hi,
you can configure OpenLDAP to delegate authentication to AD, either trough GSSAPI, either with SASL passwords. For the last solution, see http://ltb-project.org/wiki/documentation/general/sasl_delegation
I also often synchronize OpenLDAP and AD thanks to LSC project, see http://lsc-project.org/wiki/documentation/tutorial/openldaptoactivedirectory
Clément.
Clément OUDOT wrote:
2015-11-16 13:45 GMT+01:00 Kaushal Shriyan <kaushalshriyan@gmail.com mailto:kaushalshriyan@gmail.com>:
Hi, Is there a way to integrate Openldap ldap server with Windows Server Active Directory wherein AD will act as Authentication and Openldap will be setup for Authorization?
For simple passthru there is also the slapo-pbind overlay.
Any help will be highly appreciable.Hi,
you can configure OpenLDAP to delegate authentication to AD, either trough GSSAPI, either with SASL passwords. For the last solution, see http://ltb-project.org/wiki/documentation/general/sasl_delegation
I also often synchronize OpenLDAP and AD thanks to LSC project, see http://lsc-project.org/wiki/documentation/tutorial/openldaptoactivedirectory
Clément.
Howard Chu wrote:
For simple passthru there is also the slapo-pbind overlay.
Is there any way I can limit which entries are passed through?
It would be very handy if I could specify conditions based on dn regex and/or LDAP filter. Well, slapo-rwm and a separate backend could be used but slapo-rwm crashes sometimes.
Ciao, Michael.
openldap-technical@openldap.org
-
Clément OUDOT -
Howard Chu -
Kaushal Shriyan -
Michael Ströder