ldap

Consume a Web service thought an Active Directory

Well i have a project in which i have to consume a web service but authenticating in an Active Directory, i have my system written in python3, python-ldap module in not ported yet so i want to know a way to achive this "consumption". In the worst case i will create a standalone consumer in python2.5 but i want to know "howto" consume a ...

Return OU in active directory search

I have performed an active directory search and now have a SearchResultCollection of all the users in active directory. I've specified all the properties that the DirectorySearch should load, but I also want to know what OU (distinguished name) each user is in. I know I could figure it out be getting a DirectoryEntry for each user, and...

Externally hosted intranet authentication

Hi there, I'm investigating the possibilities of building a company intranet on an external Linux/Apache server (LAMP stack). I'd like to be able to restrict access to just internal company computers (and with no explicit login required). All internal traffic goes through a proxy server, but it is an external third-party proxy which is...

How do I get JNDIRealm in Tomcat to use Kerberos auth?

I am trying to run a tomcat JNDIRealm using using Kerberos for authentication (authentication="GSSAPI"). However, I'm getting this: SEVERE: Catalina.start: LifecycleException: Exception opening directory server connection: javax.naming.AuthenticationException: GSSAPI [Root exception is javax.security.sasl.SaslException: GSS init...

Reading from ADAM slow from one machine but not another

I'm trying to read from an ADAM directory using C# as well as Delphi. On some machines the code executes very fast (sub-second). On other machines the authentication is fast but reading values from the directory takes a long time (> 12 minutes). I am using the System.DirectoryServices.DirectoryEntry class in C# to access the directory....

when i execute get LDAPConnection thorugh Swing it hangs!!!

When I run following code through Main method, it works fine but when i try to execute it on click of swing button, it hangs. Please help import java.util.Hashtable; import javax.naming.AuthenticationException; import javax.naming.Context; import javax.naming.NamingException; import javax.naming.directory.DirContext; import javax.nami...

Create a G3 fax image with an ASN.1 wrapper for ldap photo

How can I create "An object encoded in G3 fax as explained in recommendation T.4, with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as defined in X.420." in C#, starting from any standard .NET image/bitmap objects? This is the LDAP definition of the photo attribute. ...

.NET LDAP paths utilities (C#)

Is there a .NET library for LDAP paths manipulations? I would like to have something equivalent to System.IO.Path, allowing e.g. to do something like string ou1 = LDAPPath.Combine("OU=users","DC=x,DC=y"); string ou2 = LDAPPath.Parent("CN=someone,OU=users,DC=x,DC=y"); Otherwise, what's the common way to deal with LDAP distinguished nam...

Connecting to LDAP from C# using DirectoryServices.

Hi, I am trying to connect to an edirectory 8.8 server running LDAP. How would I go about doing that in .Net? Can I still use the classes in System.DirectoryService such as DirectoryEntry and DirectorySearcher or are they AD specific? Do I need to specify the "Connection String" any differently? I am trying something like the code bel...

ldap authentication to AD works for groups except "domain users"

ldap authentication to AD works for groups except "domain users" - Is this issue with whitespace? ( apache6 ) Do I need to edit this row somehow to support whitespacE? roleSearch="(member={0})" ...

users in a domain with NO login scripts.

I'm trying to write an LDAP query for find all users in a domain with NO login scripts. The following works for users with a login script = db.bat: (&(objectCategory=user)(ScriptPath=DA.BAT)) However, what i thought will be the obvious logic for a Null ScriptPath field returns no values: (&(objectCategory=user)(ScriptPath="")) I'll app...

Grab username from IE, to authenticate against LDAP

The users will only use IE, and within IE it can pass their credentials without being prompted to, if they are logged onto the domain controller. What I want to know is, how do I go about grabbing their username? I thought this would do the trick: $_SERVER['auth_user'];but no luck. Just like this http://stackoverflow.com/questions/168...

how to set up tomcat ldap authentication without member of check

I need to set up LDAP authentication against domain users group in AD; there is problem that ldap authenticatin seem to require that users are member of some other group than default domain users. However when there are 10000+ users its not a solution to assign all them to another group just for this tomcat purpose. There must be anot...

How can I have super-fast dynamic configuration?

Hi, We're planning to migrate away from a series of static config files related to each client deployment. All client data lives in MySQL, the meta-data for a client deployment lives in a static text file: what database/shard to use, the repository directory/location for the file store, and a bunch more info such as default pagination...

Rails Cucumber Testing With a LDAP Server

I am trying to write some cucumber tests for my application that uses Authlogic for authentication, but actually stores users in a LDAP server. The application seems to work fine, but where I am running into trouble is writing tests for it (I know, I know, I should've wrote the tests first.) It's easy to have a test database where the d...

Java: Query Active Directory information with minimal user information

So, here's the situation. We'd like to be able to query active directory for a user's roles/group memberships, etc. Now, I can already do that using standard Java API (javax.naming), but I need a username, domain server name/address, and a password to do it. Users also have limited rights, so I can't use any external calls to fancy admin...

How to get LDAP search to use Kerberos ticket to avoid cleartext password.

I have a Tomcat configuration that uses Kerberos 5 to authenticate the user against AD server and then uses LDAP to obtain roles for authorization against a security-constraint. server.xml has this: <Realm className="org.apache.catalina.realm.JAASRealm" appName="vt-ldap" userClassNames="edu.vt.mid...

LDAP vs. ADSI in manipulation of Active Directory Users

I have been requested to expose a web service for managing Active Directory Users via an intranet. I have been advised that LDAP is viewed as a security vulnerability and is not to be used. Given this constraint, I have managed to connect via ADSI with a DirectoryEntry object like this: DirectoryEntry de = new DirectoryEntry(); de.Pa...

Getting the mailbox count from an Exchange database

I'm trying to get the mailbox count from an Exchange database by using the following query: var n = database.Properties["homeMDBBL"].Count; Where "database" is a DirectoryEntry pointing to an Exchange Database. So far so good, but the count is always wrong. Say the real count of mailboxes on this database is 200, I only get 3 or 4 ba...

stdout to variable. with mktmp, sed, grep, etc. line by line

Hi, I use ldapsearch to get some users from my LDAP-Server. The command replies something like this: uid: name.surname homeDirectory: /home/name sambaSID: S-1-4-32-224545876-87201423761-4821562975-6853 sambaHomeDrive: G: description: poI description: pPI sn: naut givenName: givenName: peter mail: [email protected] Now I want to assi...