Re: LDAP

From: Jobe Gates (jgates_at_someisp.com)
Date: 01/21/05

Next message: Douglas H. Quebbeman: "Re: Need Help with Odd LDAP Error, NCSecDesc Failure running DCDIA"
Previous message: Allen Firouz: "RE: Create user that dont have access to domain"
In reply to: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Next in thread: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Reply: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Messages sorted by: [ date ] [ thread ]

Date: Fri, 21 Jan 2005 13:49:15 -0500

I think we both misunderstood. :)

I have a 3rd party app running on AIX that we can setup to allow
authentication through LDAP. I want to do single sign on. So I need to
setup the connection between my AIX server and AD. What I was asking is how
people ususally do this when they have an application that needs to query AD
for authentication. I know I need to setup a user account to allow it to
access the LDAP database but I'm not sure what rights this user account
needs.

"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
in message news:uk3NGe%23$EHA.3504@TK2MSFTNGP12.phx.gbl...
>I must not have understood what you were asking then either. :)
>
> It sounded to me that you were planning to build some sort of tool using
> the LDAP protocol and the bind function to bind to AD to verify a user's
> credentials. It also sounded like you asked whether you need to create a
> separate account for this and what permissions it needs to query the
> database.
>
> Essentially, what I was saying is that you don't need to query anything to
> do a bind to verify credentials. So, my question was why you thought you
> might need a separate account or a query.
>
> Joe K.
>
> "Jobe Gates" <jgates@someisp.com> wrote in message
> news:uV8xbU%23$EHA.1404@TK2MSFTNGP11.phx.gbl...
>>I don't understand what your asking.
>>
>>
>> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
>> wrote in message news:%23a4SEr8$EHA.4092@TK2MSFTNGP09.phx.gbl...
>>> If it is just for authentication, why not just use the credentials of
>>> the user being authenticated? Then you don't need a service account.
>>>
>>> Joe K.
>>>
>>> "Jobe Gates" <jgates@someisp.com> wrote in message
>>> news:%23Jxavl7$EHA.1604@TK2MSFTNGP12.phx.gbl...
>>>> I'm trying to setup an application to query out LDAP database for
>>>> authentication. Do most people create a seperate account for each one
>>>> of these connections? What permissions does it need to query the
>>>> database?
>>>>
>>>> TIA,
>>>>
>>>> Jobe
>>>>
>>>
>>>
>>
>>
>
>

Next message: Douglas H. Quebbeman: "Re: Need Help with Odd LDAP Error, NCSecDesc Failure running DCDIA"
Previous message: Allen Firouz: "RE: Create user that dont have access to domain"
In reply to: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Next in thread: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Reply: Joe Kaplan $MVP - ADSI$: "Re: LDAP"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: LDAP
... special account at all as you don't have to query anything. ... > setup the connection between my AIX server and AD. ... I know I need to setup a user account to ...
(microsoft.public.windows.server.active_directory)
RE: LDAP query
... > Can LDAP be setup to query other domains within a forest? ...
(microsoft.public.win2000.active_directory)
Query AD for existence of a user account.
... How can I query the AD to find out if a particular user account already ... I am using LDAP and can create new accounts, ...
(microsoft.public.windows.server.scripting)
Re: Data source
... This is really an Access query design question. ... In your Access datasource ... you need a field by which you can link each record the the Setup ...
(microsoft.public.word.mailmerge.fields)
Re: Help on Crosstab query
... In using the Setup table which allows the user to "close off" a year I had ... in the Column Headings of the Query properties the following which didn't ... | FROM As AP INNER JOIN qryAccountPayableItem AS API ...
(microsoft.public.access.queries)