Re: LDAP Authentication from Linux
- From: Joe <joe@xxxxxxxxxxxxxx>
- Date: Thu, 03 Apr 2008 22:13:01 +0100
Adrian Marsh (NNTP) wrote:
Hi All,
I'm trying to implement a secure authentication from an apache2 server across to my SBS2003 server.
I've configured LDAP in apache, and if I bind using a Domain Admin account then all is well and I can login.
However, I don't really want to use a domain admin account for this. So I setup a new user account, and have tried using that but the bind fails. I'm guessing its a permissions issue, but am not sure where to start to look.
I assume you're asking LDAP for confirmation of user credentials? Should
an unprivileged user be allowed to do this for credentials other than his own?
Possibly there are security groups lower than domain admin that will allow it.
Second, am I using the right mechanism here? Isn't LDAP for directory lookups and Kerberos for authentication??
Have you tried making the Linux machine a domain member? I'm not quite sure of the state of the art of Samba at the moment, but I believe it's up to domain membership on 2003. I'm not sure if it can do domain controller yet. Again, I'm not sure if this will help as it seems to me you're asking about domain security information as an unprivileged user.
.
- Follow-Ups:
- Re: LDAP Authentication from Linux
- From: Dana Epp [Security MVP]
- Re: LDAP Authentication from Linux
- References:
- LDAP Authentication from Linux
- From: Adrian Marsh (NNTP)
- LDAP Authentication from Linux
- Prev by Date: Re: SBS2008 License question
- Next by Date: Re: MS - Filtering /Relay SRX-080-313-600-193
- Previous by thread: Re: LDAP Authentication from Linux
- Next by thread: Re: LDAP Authentication from Linux
- Index(es):
Relevant Pages
|
Loading
