Define "get authenticated" here. What do you think that means?
LDAP isn't "single sign on". You can't just "get authenticated". You can have a situation where an account that exists on AD can "proxy" auth through 389-ds, but you still "authenticate" to 389-ds and it forwards it back to the AD provider.
But you can't do something like oauth where once you authenticated to AD you "magically" are authenticated to 389-ds.
Like, I think you need to be much more specific about *what* you are trying to achieve here, because you are being extremely vague, and in your current form we can't help you.
What do you want a user to be able to do? Describe your environment? The applications?
> On 4 May 2022, at 22:08, parimala nitesh <email@example.com> wrote:
> Yes Willam, I'm expecting something like that. After integration, if some users are getting added on external_ldap they should also get authenticated on 389ds
> note: external ldap can be 389ds or openldap or windows AD
> Parimala Nitesh
> 389-users mailing list -- firstname.lastname@example.org
> To unsubscribe send an email to email@example.com
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://firstname.lastname@example.org
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia
389-users mailing list -- email@example.com
To unsubscribe send an email to firstname.lastname@example.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://email@example.com
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure