[turba] LDAP Authorization

Jorge Hernandez jorgeh at fsbcomputers.com
Sun Oct 12 19:45:05 UTC 2008


I actually have the linux authentication to validate against LDAP, even the
root account is on LDAP, so the answer is yes I can login using SSH.

-----Original Message-----
From: turba-bounces at lists.horde.org [mailto:turba-bounces at lists.horde.org]
On Behalf Of Craig White
Sent: Sunday, October 12, 2008 2:55 PM
To: turba at lists.horde.org
Subject: Re: [turba] LDAP Authorization

On Sun, 2008-10-12 at 12:16 -0400, Jorge Hernandez wrote:
> Well I have my LDAP configured to work with my Samba server acting as a DC
> for a windows network, everything works well, but when I go to horde
> authentication to configure it I put the same as my samba is configured,
but
> it doesn't show me my users or adds new ones, then I found a How To called
> Existing LDAP, and it says to put some access permissions to horde, which
I
> did but there is one that makes my LDAP not start, and it's this line:
> 
> access to attrs="@hordePerson"
> 
> so I haven't been able to get horde connect to my LDAP.
> 
> Do you have any idea? How do I configure my slapd.conf so horde can
connect
> to my LDAP server?
----
can you login via ssh as an LDAP 'user'? If not, that is your first
problem to solve. Don't expect horde to be able to login via LDAP if you
can't otherwise make it happen.

Just to be clear, Samba uses sambaNTPassword (possibly sambaLMPassword)
hash that is peculiar to Windows authentication and requires a mechanism
that would be difficult to configure within horde. The mechanisms for
encrypting Windows passwords are uniquely Microsoft. Most POSIX systems
would likely use PAM for underlying user authentication and would use
the 'userPassword' attribute which would be encrypted however your LDAP
server is designed to store them.

Craig

--
Turba mailing list - Join the hunt: http://horde.org/bounties/#turba
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: turba-unsubscribe at lists.horde.org



More information about the turba mailing list