I haven't worked with the integrated remote auth yet, I still use SASL.. It is
something that we have on the backburner to migrate to, if it works anything
like SASL, you need a userPassword that had a directive, like
{SASL}user@domain But that is because it's hijacking the HASHing process,
form what I understand. If you have a link to the docs, I'll take a look and
see what I can find..
From: Dino Edwards <[email protected]>
Sent: Thursday, February 27, 2025 10:07 AM
To: Bradley T Gill <[email protected]>; 'Quanah Gibson-Mount'
<[email protected]>; [email protected]
Subject: RE: [EXTERNAL] RE: OpenLDAP Pass-through Authentication
You probably need to delete the userPassword attribute? That was a good idea
actually, but sadly it didn't work either. Same behavior as before. There is
absolutely no indication it's trying to perform remote authentication. > It
won't work
* You probably need to delete the userPassword attribute?
That was a good idea actually, but sadly it didn't work either. Same behavior
as before. There is absolutely no indication it's trying to perform remote
authentication.
> It won't work as explicitly stated in the manual page: > "If the userPassword
> is present, authentication is performed locally" The userPassword field is
> absolutely empty. I don't know why it shows the ":?" column there, but Apache
> Directory
