On Tue Nov 22 2005 at 14:25:26 CET, James Davis wrote:
> What form of server_condition line do I need for my authenticator? I've
> looked through the archives and read the section in the book but nothing
> quite fits my setup. Users can be found anywhere under
> dc=jolt,dc=co,dc=uk and have their password stored using 'crypt'. I'd
> like them to be able to use their uid as their password.
^^^^^^
I do hope that is a typo ... ;-)
Perhaps this will help:
ldap_plain:
driver = plaintext
public_name = PLAIN
server_prompts = "LDAP Username:: : LDAP Password::"
server_condition = \
${\
lookup ldap { \
user="${lookup ldapdn {user=BINDDN pass=BINDPW ldaps:///BASEDN?dn?sub?(&(uid=${quote_ldap:$2})(mail=*))}}" \
pass="$3" \
ldaps:///BASEDN?uid?sub?(&(uid=${quote_ldap:$2})(mail=*)) \
}{yes}fail \
}
# value for $authenticated_id
server_set_id = $2
Regards,
-JP
