[turba] LDAP Authorization
Craig White
craigwhite at azapple.com
Sun Oct 12 18:54:43 UTC 2008
On Sun, 2008-10-12 at 12:16 -0400, Jorge Hernandez wrote:
> Well I have my LDAP configured to work with my Samba server acting as a DC
> for a windows network, everything works well, but when I go to horde
> authentication to configure it I put the same as my samba is configured, but
> it doesn't show me my users or adds new ones, then I found a How To called
> Existing LDAP, and it says to put some access permissions to horde, which I
> did but there is one that makes my LDAP not start, and it's this line:
>
> access to attrs="@hordePerson"
>
> so I haven't been able to get horde connect to my LDAP.
>
> Do you have any idea? How do I configure my slapd.conf so horde can connect
> to my LDAP server?
----
can you login via ssh as an LDAP 'user'? If not, that is your first
problem to solve. Don't expect horde to be able to login via LDAP if you
can't otherwise make it happen.
Just to be clear, Samba uses sambaNTPassword (possibly sambaLMPassword)
hash that is peculiar to Windows authentication and requires a mechanism
that would be difficult to configure within horde. The mechanisms for
encrypting Windows passwords are uniquely Microsoft. Most POSIX systems
would likely use PAM for underlying user authentication and would use
the 'userPassword' attribute which would be encrypted however your LDAP
server is designed to store them.
Craig
More information about the turba
mailing list