ldap_integration
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
ldap_integration [2009/08/17 07:52] – aorth | ldap_integration [2009/08/18 09:40] – alan | ||
---|---|---|---|
Line 1: | Line 1: | ||
===== LDAP Integration ===== | ===== LDAP Integration ===== | ||
- | ILRI uses an Active Directory server for user authentication, | + | ILRI uses an Active Directory server for user authentication, |
- | This was working once, using a //slightly// customized PAM module. | + | ILRI's Active Directory servers are configure to [[http://support.microsoft.com/kb/326690|disallow anonymous binds]] (you have to authenticate in order to query), so we need to use a semi-privileged account in order to run queries. |
- | * Compile the code: '' | + | |
- | * Link the code: '' | + | |
- | The Active Directory server must not only be a domain controller, but must be running the global catalog service (port 3268) in order for our LDAP queries to work properly. | + | The Active Directory server must not only be a domain controller, but must be running the [[http:// |
- | * 172.26.0.218 <-- running a global catalog server (port 3268) | + | * 172.26.0.218 <- running a global catalog server (port 3268) |
* 172.26.0.219 | * 172.26.0.219 | ||
- | * 172.26.0.220 <-- running a global catalog server (port 3268) | + | * 172.26.0.220 <- running a global catalog server (port 3268) |
+ | |||
+ | This was working once, using a // | ||
+ | * Compile the code: '' | ||
+ | * Link the code: '' | ||
**pam_cgiar_ldap.c**: | **pam_cgiar_ldap.c**: | ||
Line 53: | Line 55: | ||
ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ||
ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ||
- | ld = ldap_init(" | + | ld = ldap_init(" |
if (ld==NULL) printf(" | if (ld==NULL) printf(" | ||
int rc; | int rc; |
ldap_integration.txt · Last modified: 2012/02/06 08:43 by aorth