[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    [pamldap] RE: Authenticating with PAM to Active Directory
From:       Paul Fitzgibbon <pfitzgibbon () sthelens ! ac ! uk>
Date:       2001-07-25 15:00:35
[Download RAW message or body]

I have a sucessful bind against active directory using linux.

I discovered that the problem was I was trying to do things properly using
the standard LDAP strings such as "cn=Administrator, ou=members" etc.etc..
where what is actually required is "<domain>\<username>" or
"<user>@domain.ac.uk" as the bind string.  Doh.

Basically both of these will work:

ldapsearch -D "<domain>\<username>" -w secret -x 

ldapsearch -D "<username>@<F>.<Q>.<D>.<N>" -w secret -x 

(the server is running in mixed mode)

As will using either of those strings after 'binddn' in ldap.conf.

I'm playing with the PAM module now, and no longer getting the
authentication failure messages but still cant log on (yet) I suspect I need
to alter the directory schema for linux credentials.  I'll post more when I
solve this problem.

Paul Fitzgibbon
St Helens College (UK)

> -----Original Message-----
> From: David LaPorte [mailto:dave@laportestyle.org]
> Sent: 24 July 2001 19:16
> To: Paul Fitzgibbon
> Subject: RE: Authenticating with PAM to Active Directory 
> 
> 
> Paul,
> 	I did try to get Solaris/Linux to authenticate off of 
> AD, but failed
> miserably.  Let me know if you make out any better.
> 
> Sorry...
> 
> Dave LaPorte


*************************************************************
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity
to whom they are addressed.  Any views or opinions
expressed are solely those of the author and do not
necessarily represent the views of St Helens College.

If you are not the intended recipient, or the person
responsible for delivering the email to the intended
recipient, be advised that you have received the email
in error and that any unauthorised review, use,
disclosure, distribution or publication of this email
is prohibited. St Helens College will not be liable
for direct, special, indirect or consequential damages
arising from alterations of the contents of this message
by a third party or as a result of any virus being passed on.

If you have received this email in error please contact
the sender by reply email and destroy and delete
the message and all copies from your computer.

[prev in list] [next in list] [prev in thread] [next in thread]