Emmanuel Dreyfus wrote:
François Beretti <[EMAIL PROTECTED]> wrote:
Does OpenLDAP provide a way to authenticate on it using a DN / pwd of
another LDAP server ? I have read the manual page about the LDAP and META
backends, but I did not find if it match my will.
At the end I would like to authenticate on OpenLDAP with a DN/pwd of another
directory (or maybe SASL credentials ?), and access (probably only through
OpenLDAP) to the data of both OpenLDAP and the other directory server.
I can customize the OpenLDAP server (in fact: our server), and not the other
server (the customer server).
Some time ago, I wrote a custom LDAP backend for hijacking
authentication. My goal was to redirect it to a RADIUS server, but you
could modify my code to authenticate against anything else.
For the specific case of RADIUS, a full backend is not needed. If your users
already have LDAP entries, you can set their userpassword to use the {RADIUS}
scheme which will cause a RADIUS server to be used for Simple Bind
authentication. That code is in the contrib/slapd-modules/passwd directory in
HEAD and will also be in 2.4.
Here is it:
http://ftp.espci.fr/pub/ldap2radius/
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
Chief Architect, OpenLDAP http://www.openldap.org/project/
