[Freeipa-users] Using FreeIPA for LDAP authentication in 3rd party applications
Chris Hudson
chris at redhat.com
Fri Sep 13 15:13:52 UTC 2013
A simple bind would be using a user/password combination to access LDAP. An example of a simple bind in an ldapsearch would look something like:
# ldapsearch -x -h ldap.example.com -D uid=user1,ou=people,dc=example,dc=com -w password -b dc=example,dc=com
You can see how we are using -x (simple bind) and then -D (who to bind with?) and then -w (password) to access the LDAP database on ldap.example.com.
HTH,
Chris
----- Original Message -----
> From: "Thomas Raehalme" <thomas.raehalme at codecenter.fi>
> To: "Martin Kosek" <mkosek at redhat.com>
> Cc: freeipa-users at redhat.com
> Sent: Thursday, September 12, 2013 8:54:59 AM
> Subject: Re: [Freeipa-users] Using FreeIPA for LDAP authentication in 3rd
> party applications
> Hi!
> On Thu, Sep 12, 2013 at 3:28 PM, Martin Kosek <mkosek at redhat.com> wrote:
> > When using FreeIPA LDAP as identity source, you could ideally use
> > Kerberos/GSSAPI authentication. But if that is not available, you can use
> > simple LDAP binds too. You cannot read the hash codes unless you are
> > "cn=Directory Manager" (or unless you set ACI allowing that, but this is
> > very
> > unsecure).
> Could you please elaborate on using simple LDAP binds?
> Thanks for the detailed example!
> Best regards,
> Thomas
> --
> Thomas Raehalme
> CTO, teknologiajohtaja
> Mobile +358 40 545 0605
> Codecenter Oy
> Väinönkatu 26 A, 4th Floor
> 40100 JYVÄSKYLÄ, Finland
> Tel. +358 10 322 0040
> www.codecenter.fi
> Codecenter - Tietojärjestelmiä ymmärrettävästi
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130913/2579d936/attachment.htm>
More information about the Freeipa-users
mailing list