- Articles
LDAP Authentication OSX
This article explains LDAP authentication against an OSX 10.4 LDAP server - expanding on the docs.
The docs are fairly light in terms of LDAP authentication examples, one issue is that the format of the username generally is not a simple username (ie. BSmith) it appears OSX requires a full LDAP path to authenticate a user.
Example below:
local('LDAP') = LDAP('ldap.mydomain.com');
#LDAP->authenticate(
'uid=theUsername,cn=users,dc=ldap,dc=mydomain,dc=com',
'thePassword'
);
In order to handle failed authentications you will need to handle errors via the protect tags or within a custom function like so:
define_tag:'LDAP_authenticate',
-req = 'domain',
-req = 'username',
-req = 'password';
local(
'LDAP' = LDAP(#domain),
'path' = 'uid='#username',cn=users,dc='
+ #domain->split('.')->join(',dc=')
);
protect;
handle_error;
return:false;
/handle_error;
#LDAP->authenticate(#path,#password);
return:#LDAP->error == 0 && error_code == 0;
/protect;
/define_tag;
It's possible that this also applies to other LDAP servers but I have not had the opportunity to test against any others.
Author: Ke Carlton
Created: 14 May 2009
Last Modified: 16 Mar 2011
Comments
Please note that periodically LassoSoft will go through the notes and may incorporate information from them into the documentation. Any submission here gives LassoSoft a non-exclusive license and will be made available in various formats to the Lasso community.
LassoSoft Inc. > Home
©LassoSoft Inc 2015 | Web Development by Treefrog Inc | Privacy | Legal terms and Shipping | Contact LassoSoft