Matthias Löbe wrote:
Hello,
we installed Virtuoso version 05.09.3035 on Debian and want to use OpenLDAP as an authentication
service. We succesfully connected to the LDAP server in Virtuoso Conductor >> System Admin
>> User Accounts >> LDAP Servers, and could possibly import user data manually.
However, wenn we try to user LDAP login and password to connect to Virtuoso Conductor "at
runtime", user authentification failed due to "Invalid credentials" (LDAP error code
49?).
If we specify LDAP settings in Virtuoso Account Management, I can see the
succesful LDAP bind at network level using wireshark. On the other hand, when
logging into Virtuoso Conductor, there is no bind attempt made by Virtuoso to
LDAP.
Is this functionality for one-time importing user data only?
Hi,
It does work for dynamic lookups, with three provisos:
a) Virtuoso has to make the connection to ldap as the admin/root user in ldap;
b) you correctly assign the field to be used as a password;
c) the ldap password will be treated as plaintext by Virtuoso. Hence, if
you've used e.g. SHA1-hashing on your LDAP store, prepare to type some very
long strings into ODS login password boxes.
HTH,
~Tim
--
Tim Haynes
Product Development Consultant
OpenLink Software
<http://www.openlinksw.com/>
