Menu
▾
▴
Re: Unable to do named binds against NDS 8
|
From: Peter M. <pet...@ma...> - 2002-03-20 16:31:59
|
Hi,
On Wednesday 20 March 2002 16:31, you wrote:
> Once I added the full dn to the named bind request, the bind was
> successful! I guess you have to have every element, which is unfortuna=
te.=20
> If we are using the bind for authentication in web apps, we really only
> know by default the cn, o=3DWBDONER, and c=3DUS. Does anyone know if t=
here is
> any other way to find this info or not use it in the bind? For perform=
ance
> reasons, doing a search before the authentication is not desireable, no=
r is
> asking the user which office and department they are from.
Sure, the classical way:
1) Have unique CNs in your tree below "o=3DWBDONER, c=3DUS"
This must be ensured by administration.
2) Have a user that is allowed to search below "o=3DWBDONER, c=3DUS"
3) On every request:
3.1) Search for CN below "o=3DWBDONER, c=3DUS"
3.2) If found: LogIn with the DN from the search (should be unique
due to 1.) else: Fail
That's it !
Yours
Peter
PS : BTW that's not NDS specific, it's LDAP.
--=20
Peter Marschall | eMail: pet...@ma...
Scheffelstra=DFe 15 | pet...@is...
97072 W=FCrzburg | Tel: 0931/14721
PGP: D7 FF 20 FE E6 6B 31 74 D1 10 88 E0 3C FE 28 35
|
