Re: inetOrgperson /userPasswords

From: Dmitri Gavrilov [MSFT] (dmitrig_at_online.microsoft.com)
Date: 10/07/04 

Date: Thu, 7 Oct 2004 10:52:11 -0600

You can already use "pass-through" authentication with ADAM today. Just bind
to ADAM as a Windows user. Then, you don't need to store any passwords in
ADAM.

See
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=eChFi2vfEHA.2000%40tk2msftngp13.phx.gbl 

-- 
Dmitri Gavrilov
SDE, Active Directory Core
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Eoin Mooney" <anonymous@discussions.microsoft.com> wrote in message
news:3f3e01c4ac71$d6ee4d40$a501280a@phx.gbl...
> Hi,
>
> we are trying to implment the following :
>
> What we have at the moment
> ===========================
> We have created users for our application in ADAM.
> They are of the type organisation-person
> We store passwords in our own bespoke attribute not
> userPassword.
>
> What is required
> =================
> The application users passwords follow the OS
> authentication password rules
> [expirary/lockouts/complexity] before being accepted.
>
> And in the long run when logging into the application
> authenticate with the passwords stored in AD rather than
> ADAM. [passthrough ???]
>
> Questions
> =========
>
> Do I have to create users [for my app] to be a specific
> type to be able to use this password rule/authentication
> that is inherent with the OS.
>       What type if so - Is it inetOrgperson ?
>
> Do I have to use "userPassword" attribute to store the
> passwords to avail of this ?
>
> thanks for any assistance
>
> Eoin
>
>

Relevant Pages

  • Re: Windows Authentication (asp.net 1.1 C#)
    ... it is up to you how you store your passwords - FormsAuth is just a mechanism ... Usually you store the passwords in a database using salted hashes - have a look at PasswordDeriveBytes class ... Authentication or Form Authentication. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Architectural question for product security deployment
    ... ADAM uses the local and domain policies where it's installed. ... Also, to change passwords via LDAP, you must connect via a secure method by ... bit (may not work in workgroup setting; you may need an alternate method, ... > 1) I Installed ADAM by first logging in a system admin and creating the ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM - AD_Schema load fails with error
    ... It sounds like you are saying that the passwords are not bought down by ... If ADAMSync is bringing accounts into ADAM as native accounts... ... >> somewhere as Windows Principals. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Active Directory to ADAM Sync Password question
    ... You can't read passwords out of AD or sync them with ADAMSync. ... I'm confused by your statement as bind proxy objects are designed ... specifically so that you can have an object in ADAM to do a simple bind on ...
    (microsoft.public.windows.server.active_directory)
  • Re: Configuring ADAM replication resets passwords
    ... applied on the other systems which causes the passwords to be effectively ... even though the actual ADAM data is replicated. ... after you configure replication which ADAM instance is your ...
    (microsoft.public.windows.server.active_directory)