|
Posted by John E. Vincent on 04/01/05 01:47
Hi all,
I've search google left and right. Search archive after archive for
various tips using various search strings and I cannot for the life of
me find an answer.
Let me explain the situation. We have an LDAP directory that our users
are stored in. It's not AD or Novell just plain OpenLDAP.
A subsection of my tree looks like this:
dc=domain,dc=com
ou=People
cn=John E. Vincent,ou=People,dc=domain,dc=com
uid=foo
mail=foo@domain.com
password=bar
ou=Departments
ou=IT
cn=Intranet (groupOfUniqueNames or groupOfNames)
cn=John E. Vincent.... (alias to above ou=People entry)
Now I've been doing LDAP authentication for quite some time in various
apps through the ou=People,dc=domain,dc=com search base. My problem
comes when I want access to be group based but I want the user to log in
with his email address. All of our other web applications authenticate
with webaddress.
Now I have Apache authentication working against these groups for things
like SVN and WebDav. Apache follows the alias through to look up the
email address and password.
Same for Postfix and Courier.
I just can't seem to get the right option to work in PHP. I have a
feeling it's my search filter but I don't know. For some reason I can't
even get an filter using ldapsearch to work properly.
Dear god, all I want to do is follow the alias and verify the entered
email address and password for the entry (dereference it, correct?) =)
Can anyone provide any good pointers? I swear I've hit EVERY single
google result I could for this. I've even looked at the Net_LDAP package
but it doesn't seem to work either.
Thanks for any help that anyone can provide.
John E. Vincent
[Back to original message]
|