Asu Vohra wrote:
Hi,
I have a query regarding authentication to LDAP. This query might be a silly one as I have a very limited knowledge on LDAP. Is it true that all the users listed in the LDAP directory will be able to authenticate to LDAP?
Well, it depends. It depends on your authentication mechanism.
If your authentication mechanism is as simple as trying to bind to a directory server and check for success/failure, then each and every user that can authenticate on the directory server can also authenticate to your services.
If your authentication mechanism needs also to do a search to check if some requirements are met (like, e.g.: (&(objectclass=person)(manager=myboss)), then you would probabily need to authenticate as a search-enabled user and then perform a search. This way only users that have some common characteristics can authenticate to the service.
Also, can anyone direct me to appropriate documents which can enhance my knowledge of LDAP?
Uhm... I am looking forward to hear other's replies! :-)))
Ciao --bronto
--
Marco Marongiu Tiscali S.p.A.
System Engineer S.S. 195, km 2,300
IT Systems Management Dept. Loc. "Sa Illetta"
Phone: +39 070 460 1684 09122 Cagliari (CA)
Fax: +39 070 460 9684 Sardegna - Italia
------------------------------------------------------------------------
Success is merely the perspective of sitting on top of a large
pile of failures
-- Pete Collins, Founder of mozdevgroup.com
------------------------------------------------------------------------
