|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
User's deletion in OpenLDAP
Post 302393470 by ghimakiran on Tuesday 9th of February 2010 01:15:32 AM
02-09-2010
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hello!
I'm starting to panic here!
I'm trying to authorize Subversion (via apache) users at my company here via LDAP.
Sure everything works when just authorizing users with require valid-user
But! That is not what I'm looking for, I wish to Authorize by membership in specifik groups...
This... (0 Replies)
Discussion started by: Esaia
0 Replies
2. AIX
hello
I have a P570 with 3 partitions.
These partitions are available, since 1 year. So there are a lot of users, files, etc, on these partition
I must now install an openldap with Debian to manage all these users.
But several pb:
on LDAP, we are 1 iud for user and one home directory, 1 gid... (0 Replies)
Discussion started by: pascalbout
0 Replies
3. Red Hat
Hi, all:
I'm studying for the RHCE and have hit the section on configuring an OpenLDAP client. I'd like to practice this, but I can't get an OpenLDAP server set up. I followed the directions in RedHat's Deployment Guide, and it looks like the server is up and running, but I can't get the... (0 Replies)
Discussion started by: rjlohman
0 Replies
4. Solaris
At work I'm been givin the task to move are backend servers from NIS to LDAP. We have mostly Solaris 10 servers, as well as a few Redhat servers. I am going to use openLDAP as the LDAP server. I'm looking for a good how to guide on setting up the openLDAP server. Most of the docs I have found seem... (0 Replies)
Discussion started by: bitlord
0 Replies
5. Solaris
I m using Intel solaris 10 version . I m trying to install openldap and used several documents and package versions .
But every time I got CC PATH error and while I solved the CC issue , I got Barkley DB error . :wall:
Is there any perticular site from where I can install and configure... (1 Reply)
Discussion started by: sanjee
1 Replies
6. Red Hat
Hello,
I am working on setup LDAP Server and facing issue related to assigning user to a group. Below is the LDAP structure i am using.
I have created Users,Groups and Servers ou's and sub ou's added to the same or Users as well as Groups OU.
Logged in as: cn=Manager,dc=bebolabs,dc=net
... (0 Replies)
Discussion started by: sunnysthakur
0 Replies
7. Linux
Hello,
i try to add user john to secondary group, named groupB
this will add as primary group,
how can i add to secondary group??
dn: cn=groupB,ou=Groups,dc=ldap-server,dc=com
changetype: modify
add: memberuid
memberuid: john (1 Reply)
Discussion started by: prpkrk
1 Replies
8. Shell Programming and Scripting
Can someone help me with a shell script that will send an email to a set of email ids when a user id is created or deleted on AIX system.
Also, if the script can let the admin know when a particular user id's password will expire. (2 Replies)
Discussion started by: ggayathri
2 Replies
9. Emergency UNIX and Linux Support
Can someone help me with a shell script that will send an email to a set of email ids when a user id is created or deleted on AIX system.
Also, if the script can let the admin know when a particular user id's password will expire. (4 Replies)
Discussion started by: ggayathri
4 Replies
10. UNIX for Dummies Questions & Answers
Dear All,
It would be really nice, if you could help me to write a script for deletion of list of user( more than 15000 users) stored in a file and sorted by email address( i need deletion of only a particular type of mail address).
Is the any script to write and take the file as input and... (3 Replies)
Discussion started by: Chand
3 Replies
LEARN ABOUT MOJAVE
authen::sasl::perl
Authen::SASL::Perl(3) User Contributed Perl Documentation Authen::SASL::Perl(3) NAME
Authen::SASL::Perl -- Perl implementation of the SASL Authentication framework SYNOPSIS
use Authen::SASL qw(Perl); $sasl = Authen::SASL->new( mechanism => 'CRAM-MD5 PLAIN ANONYMOUS', callback => { user => $user, pass => &fetch_password } ); DESCRIPTION
Authen::SASL::Perl is the pure Perl implementation of SASL mechanisms in the Authen::SASL framework. At the time of this writing it provides the client part implementation for the following SASL mechanisms: ANONYMOUS The Anonymous SASL Mechanism as defined in RFC 2245 resp. in IETF Draft draft-ietf-sasl-anon-03.txt from February 2004 provides a method to anonymously access internet services. Since it does no authentication it does not need to send any confidential information such as passwords in plain text over the network. CRAM-MD5 The CRAM-MD5 SASL Mechanism as defined in RFC2195 resp. in IETF Draft draft-ietf-sasl-crammd5-XX.txt offers a simple challenge- response authentication mechanism. Since it is a challenge-response authentication mechanism no passwords are transferred in clear-text over the wire. Due to the simplicity of the protocol CRAM-MD5 is susceptible to replay and dictionary attacks, so DIGEST-MD5 should be used in preferrence. DIGEST-MD5 The DIGEST-MD5 SASL Mechanism as defined in RFC 2831 resp. in IETF Draft draft-ietf-sasl-rfc2831bis-XX.txt offers the HTTP Digest Access Authentication as SASL mechanism. Like CRAM-MD5 it is a challenge-response authentication method that does not send plain text passwords over the network. Compared to CRAM-MD5, DIGEST-MD5 prevents chosen plaintext attacks, and permits the use of third party authentication servers, so that it is recommended to use DIGEST-MD5 instead of CRAM-MD5 when possible. EXTERNAL The EXTERNAL SASL mechanism as defined in RFC 2222 allows the use of external authentication systems as SASL mechanisms. GSSAPI The GSSAPI SASL mechanism as defined in RFC 2222 resp. IETF Draft draft-ietf-sasl-gssapi-XX.txt allows using the Generic Security Service Application Program Interface [GSSAPI] KERBEROS V5 as as SASL mechanism. Although GSSAPI is a general mechanism for authentication it is almost exlusively used for Kerberos 5. LOGIN The LOGIN SASL Mechanism as defined in IETF Draft draft-murchison-sasl-login-XX.txt allows the combination of username and clear-text password to be used in a SASL mechanism. It does does not provide a security layer and sends the credentials in clear over the wire. Thus this mechanism should not be used without adequate security protection. PLAIN The Plain SASL Mechanism as defined in RFC 2595 resp. IETF Draft draft-ietf-sasl-plain-XX.txt is another SASL mechanism that allows username and clear-text password combinations in SASL environments. Like LOGIN it sends the credentials in clear over the network and should not be used without sufficient security protection. As for server support, only PLAIN, LOGIN and DIGEST-MD5 are supported at the time of this writing. "server_new" OPTIONS is a hashref that is only relevant for DIGEST-MD5 for now and it supports the following options: - no_integrity - no_confidentiality which configures how the security layers are negotiated with the client (or rather imposed to the client). SEE ALSO
Authen::SASL, Authen::SASL::Perl::ANONYMOUS, Authen::SASL::Perl::CRAM_MD5, Authen::SASL::Perl::DIGEST_MD5, Authen::SASL::Perl::EXTERNAL, Authen::SASL::Perl::GSSAPI, Authen::SASL::Perl::LOGIN, Authen::SASL::Perl::PLAIN AUTHOR
Peter Marschall <peter@adpm.de> Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org> COPYRIGHT
Copyright (c) 2004-2006 Peter Marschall. All rights reserved. This document is distributed, and may be redistributed, under the same terms as Perl itself. perl v5.18.2 2010-03-11 Authen::SASL::Perl(3)