This step by step guide on how to use LDAP for external +authentication
By Malte +Sussdorff +
</authorblurb>This step by step guide on how to use LDAP for external authentication using the LDAP bind command, which differs from the approach usually taken by auth-ldap. Both will be dealt with in these section
-Install openldap. Download and +Install openldap. Download and install ns_ldap
[root aolserver]#cd /usr/local/src/[root src]#wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.2.17.tgz@@ -30,35 +28,35 @@ [root src]#./configure --prefix=/usr/local/openldap[root openldap]#make install[root openldap]# -cd /usr/local/src/ +cd /usr/local/src/ wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.2.17.tgz tar xvfz openldap-2.2.17.tgz cd openldap-2.2.17 ./configure --prefix=/usr/local/openldap --disable-slapd make install - +
-Install ns_ldap. Download and +Install ns_ldap. Download and install ns_ldap
[root aolserver]#cd /usr/local/src/aolserver/[root aolserver]#wget http://www.sussdorff.de/ressources/nsldap.tgz[root aolserver]#tar xfz nsldap.tgz[root aolserver]#cd nsldap[root ns_pam-0.1]#make install LDAP=/usr/local/openldap INST=/usr/local/aolserver[root ns_pam-0.1]# -cd /usr/local/src/aolserver/ +cd /usr/local/src/aolserver/ wget http://www.sussdorff.de/resources/nsldap.tgz tar xfz nsldap.tgz cd nsldap make install LDAP=/usr/local/openldap INST=/usr/local/aolserver - +
Configure ns_ldap for traditional -use. Traditionally OpenACS has supported +use. Traditionally OpenACS has supported ns_ldap for authentification by storing the OpenACS password in an encrypted field within the LDAP server called "userPassword". Furthermore a CN field was used for @@ -73,7 +71,7 @@
Configure ns_ldap for use with LDAP -bind. LDAP authentication usually is done by +bind. LDAP authentication usually is done by trying to bind (aka. login) a user with the LDAP server. The password of the user is not stored in any field of the LDAP server, but kept internally. The latest version of ns_ldap supports this