Configuring OpenLDAP pass-through authentication to Active Directory

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm From OpenLDAP 2.4 Administration guide, “Since OpenLDAP 2.0 slapd has had the ability to delegate password verification to a separate process. This uses the sasl_checkpass function so it can…


Sample Java application that retrieves group membership of an Active Directory user account.

This posting is provided “AS IS” with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm This is a sample Java application that utilizes JNDI to access Active Directory and retrieves group membership of a user. This application uses computed tokenGroups attribute of a user…

2

Active Directory Schema Design Considerations and Auxiliary Classes

This posting is provided “AS IS” with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm This blog addresses one very specific but important issue around rules of creating auxiliary classes, and as most of my blogs, is based on something I stumbled upon while…

1

UNIX/LINUX Kerberos Authentication from the point of view of Windows Administrators

This posting is provided “AS IS” with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm   First small disclaimer: This blog is not intended to provide a reader with detailed knowledge of UNIX/LINUX authentication and authorization mechanisms, but rather aimed to highlight some points…

1

How to interpret encryption types definitions in krb5kdc.log on UNIX KDC, during configuration of trust relationship between MIT V5 Realm and Active Directory

This posting is provided “AS IS” with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm     First of all why this is even important? Well, if you ever tried to configure a trust relationship between MIT V5 Realm and AD, I am sure…

1