Hello Antonio,
many thanks for your answer! I'll try approach 2 first, this seems to be
OK for the project. The mail addresses are no DNs by definition, but
unique in our case.
Werner
Antonio Fiol BonnĂn wrote:
Yes, you can user the LDAP transformer.
However, you may use two different approaches:
Approach 1: Do you already know the DN of the user trying to log in?
Yes: Use it as binding DN
No: You will need to first bind with a known user, get the DN for the
user trying to log-in, transform that again into a LDAP query, and
reissue the query with the right DN.
Approach 2: If you know the short name of the user (account
name)@(domain name) in our case, you can use it as binding DN even if
it is not a real DN. This is non-standard, and MS-AD specific, AFAIK,
but it saves you some time.
--
Antonio
2005/7/23, Werner Rudolf <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>:
Hello,
I'd need to authenticate in Cocoon against MS Active Directory.
Are there any links/documents/WIKI entries w/ best practises
available?
Can I just use the LDAP transformer for that?
Many thanks and best regards,
Werner
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
