[GRLUG] Looking for LDAP/ActiveDirectory coders.
Ben DeMott
ben.demott at gmail.com
Thu Jul 2 22:58:03 EDT 2009
Ahh LDAP 3.0 - Serverless Binding - not sure what else implements this.
:)
On Thu, Jul 2, 2009 at 10:49 PM, Ben DeMott <ben.demott at gmail.com> wrote:
> Right, but how for example in Active Directory would you obtain this
> information without Authenticating?
> If you authenticate (BIND), you are using a UserPrincipalName which looks
> like me at mycompany.local - which means you already know my Distinguished
> Name or a combination of my samaaccountname and distinguished name (eek)
> So then isn't that defeating the purpose? or am I not aware of some manner
> to anonymously query Active Directory for its first DC ?
>
> And I was referring to all of the account attributes that are proprietary
> when I said they would be different - if nothing else ya gotta give me that
> samaaccountname is proprietary and still needed.
>
>
> On Thu, Jul 2, 2009 at 10:38 PM, Adam Tauno Williams <
> awilliam at whitemice.org> wrote:
>
>> >The biggest problem I've encountered with accessing Ldap Servers seeem to
>> be Chicken and Egg
>> issues.
>> >Some ldap drivers require the domain you want to connect to. I don't want
>> to connect to a
>> Domain I want to connect to a Server -
>> >And ask the server what domains it has present - this is different across
>> most AD servers.
>> >(almost none of this would be the same across Microsoft, IBM, Novell,
>> Sun,
>> and other directory servers)
>>
>> Actually it is, you need to perform the standard query for the rootDSE
>> object by which the client can acquire this information.
>> _______________________________________________
>> grlug mailing list
>> grlug at grlug.org
>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shinobu.grlug.org/pipermail/grlug/attachments/20090702/88aa553e/attachment.htm
More information about the grlug
mailing list