sasl auth against Active Directory

Howard Chu hyc at highlandsun.com
Wed Mar 31 04:34:22 EDT 2010


Geoff wrote:
> Le 31/03/2010 05:03, Dan White a écrit :
>> I was able to configure saslauthd to work against a Windows 2003 Standard
>> [...]
>>
>> I had to play around a bit with an ldapsearch command to find out what
>> Active Directory wanted for a dn:
>>
>> ldapsearch -x -H ldap://192.0.2.1 -D Administrator at example.com -w
>> secret -b OU=Users,OU=BTC,dc=example,dc=com
>>
>
> Al right, thanks Dan, then I believe I am right with my settings in
> saslauthd. An ldap search is successful with these settings.
>
> I'm wondering if the IT gave me the right access on AD...
> The ldap search is not returning any userPassword or unicodePwd field
> (AD equivalent of ldap userPassword as I found on the web).
>
> Should an ldap search return one of these field if I had sufficient access?

No, ActiveDirectory never returns this information through LDAP.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/


More information about the Cyrus-sasl mailing list