[lug] Connecting to MS LDAP server

George Sexton gsexton at mhsoftware.com
Wed Jul 16 11:00:20 MDT 2003


Active Directory supports LDAP. I wrote an authentication module for our web
calendar that could go against AD.

Here are some of my notes about how to make our software work with AD. If
you don't allow anonymous bind, the users will have to authenticate against
the AD tree to perform queries.

*****************************************************
Introduction
*****************************************************

This document describes using LDAP authentication
against a MS Active Directory tree.

Please do the following before contacting technical
support on this provider:

   1) Read the following files closely:

        README.LDAP
        README.AD
        WEB-INF/ldap.properties

   2) Download an LDAP browser like Jarek Gawor's LDAP
   Browser\Editor (Search Google for this). You can
   use the LDP program that comes on the MS Win2k Server
   CDROM, but LBE is going to be a lot easier to follow.

*****************************************************
Overview
*****************************************************

By default, the AD LDAP implementation does not allow
anonymous bind. You have two ways of handling this:

1) Configure your AD tree to allow anonymous bind. Essentially,
you will need to create an ACL against the appropriate
object (container) in the tree.

*****************************************************
SSL LDAP Setup on Windows
*****************************************************

Get and follow KB Article Q247078. This has been tested
and found to work.






-----Original Message-----
From: lug-admin at lug.boulder.co.us [mailto:lug-admin at lug.boulder.co.us] On
Behalf Of Michael D. Hirsch
Sent: Wednesday, July 16, 2003 10:01 AM
To: lug at lug.boulder.co.us
Subject: [lug] Connecting to MS LDAP server


Our company directory is a windows thingie.  With outlook anyone can find
any mail address, browse calendars, etc.

I'm told that MS is just doing LDAP under the hood, so in principle I should
be able to connect the KDE address book (Kaddressbook)  to the server and
have similar access to the company directory.

Has anyone done this?  Did you have success?  As near as I can tell I've
never gotten anything from the server.

Thanks,

Michael

_______________________________________________
Web Page:  http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Join us on IRC: lug.boulder.co.us port=6667 channel=#colug



