ldap_integration
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
ldap_integration [2009/08/17 07:41] – aorth | ldap_integration [2009/08/18 11:48] – alan | ||
---|---|---|---|
Line 1: | Line 1: | ||
===== LDAP Integration ===== | ===== LDAP Integration ===== | ||
- | ILRI uses an Active Directory server for user authentication, | + | ILRI uses an Active Directory server for user authentication, |
- | This was working once, using a //slightly// customized PAM module. | + | <note warning>This no longer works! It relied on anonymous access to the AD server, but ILRI's Active Directory servers are configured to [[http://support.microsoft.com/kb/326690|disallow anonymous binds]]. |
- | * Compile the code: '' | + | |
- | * Link the code: '' | + | |
- | The Active Directory server must not only be a domain controller, but must be running the global catalog service (port 3268) in order for our LDAP queries | + | This was working once, using a // |
+ | * Compile the code: '' | ||
+ | * Link the code: '' | ||
**pam_cgiar_ldap.c**: | **pam_cgiar_ldap.c**: | ||
Line 50: | Line 50: | ||
ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ||
ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ||
- | ld = ldap_init(" | + | ld = ldap_init(" |
if (ld==NULL) printf(" | if (ld==NULL) printf(" | ||
int rc; | int rc; |
ldap_integration.txt · Last modified: 2012/02/06 08:43 by aorth