Wednesday, May 4, 2022

[389-users] Re: 389ds External LDAP Authentication

Define "get authenticated" here. What do you think that means?

LDAP isn't "single sign on". You can't just "get authenticated". You can have a situation where an account that exists on AD can "proxy" auth through 389-ds, but you still "authenticate" to 389-ds and it forwards it back to the AD provider.

But you can't do something like oauth where once you authenticated to AD you "magically" are authenticated to 389-ds.

Like, I think you need to be much more specific about *what* you are trying to achieve here, because you are being extremely vague, and in your current form we can't help you.

What do you want a user to be able to do? Describe your environment? The applications?

Thanks,

> On 4 May 2022, at 22:08, parimala nitesh <parimalanitesh@gmail.com> wrote:
>
> Yes Willam, I'm expecting something like that. After integration, if some users are getting added on external_ldap they should also get authenticated on 389ds
>
> note: external ldap can be 389ds or openldap or windows AD
>
> Regards
> Parimala Nitesh
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

--
Sincerely,

William Brown

Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

No comments:

Post a Comment