[Kolab-devel] Re: [Kroupware] kolab and Novel eDirectory

Stephan Buys list at codefusion.co.za
Wed Oct 8 08:53:35 CEST 2003


Hi Dieter,

I have just confirmed with our client (they are quite versed in Active Directory,
doing all the schema related work, etc.) that there is a userPassword attribute
available if you create a inetOrgPerson. So hopefully that should be one less
hurdle.

Regards,
Stephan

On Tuesday 07 October 2003 21:36, Dieter Kluenter wrote:
> Hi Stephan,
>
> Stephan Buys <list at codefusion.co.za> writes:
> > We will be pointing SASL on the Kolab box to use Active Directory through
> > LDAP. This should work without having to dig too deep into Kerberos (not
> > that I am oppossed to it :-)
>
> I cc: this mail to kolab-devel, so we can discuss this matter further.
> I'm working on using sasl and  gss-api with NET.server2003 AD, but it
> will be a long way.
> sasl or saslauthd might be able to contact AD, but there is no
> userPassword entry to authenticate against, but only a
> userPrinicicalName attribute, which is the users kerberos principal.
>
> An application may use the value of this attribute to aquire a
> granting ticket from KDC, but I don't know wether saslauthd can do
> this.
>
> -Dieter
>
> > On Tuesday 07 October 2003 16:26, Dieter Kluenter wrote:
> >> Hi,
> >>
> >> Stephan Buys <list at codefusion.co.za> writes:
> >> > Hi,
> >> >
> >> > We are starting Active Directory 2003 work within the next two weeks,
> >> > the result will be a Kolab server that can integrate into any kind of
> >> > LDAP system as long as the right schema exists.
> >>
> >> Good luck :-)
> >> You have to think about a complete different way of database updating,
> >> which is done by kolab now acting as slurpd. Schema design in AD is a
> >> pain, I have a 2003 AD in my test environment :-(
> >> Don't forget that authentication is done via kerbros, so you have to
> >> use a kerberos principal instead of email ID.
> >>
> >> -Dieter
> >
> > _______________________________________________
> > Kroupware mailing list
> > Kroupware at mail.kde.org
> > http://mail.kde.org/mailman/listinfo/kroupware





More information about the devel mailing list