LDAP question again

Hi,

Last time i thought i was going to avoid the LDAP connection using a Single Sign On but not !!!

No problem with SSO, but in this case i need to query the LDAP server directly (outside the SSO) to get the user list of possible notification receiver.

I could not avoid the ldap connection and here (at my work) they do not accept an annonymus bind to the LDAP (a connection name and password is required) as a security policy.

Reading documentation i found (again) System performOnServer:.

It returns a string from the executed command.

It is possible to use "ldapsearch" linux command in order to get the user list (using authentication) from LDAP and then process the resulting string in GemStone ?

This would be very good, does someone has done this before ?

Regards,
Bruno
PS: sooner or later i'm going to test this my self but now i do not have to ldap server from my notebook, yet...

Bruno,

I've forwarded your question along to our LDAP guy....

Dale

----- Original Message -----
| From: "BrunoBB" <[hidden email]>
| To: [hidden email]
| Sent: Tuesday, November 19, 2013 2:22:09 PM
| Subject: [Glass] LDAP question again
|
| Hi,
|
| Last time i thought i was going to avoid the LDAP connection using a
| Single
| Sign On but not !!!
|
| No problem with SSO, but in this case i need to query the LDAP server
| directly (outside the SSO) to get the user list of possible
| notification
| receiver.
|
| I could not avoid the ldap connection and here (at my work) they do
| not
| accept an annonymus bind to the LDAP (a connection name and password
| is
| required) as a security policy.
|
| Reading documentation i found (again) System performOnServer:.
|
| It returns a string from the executed command.
|
| It is possible to use "ldapsearch" linux command in order to get the
| user
| list (using authentication) from LDAP and then process the resulting
| string
| in GemStone ?
|
| This would be very good, does someone has done this before ?
|
| Regards,
| Bruno
| PS: sooner or later i'm going to test this my self but now i do not
| have to
| ldap server from my notebook, yet...
|
|
|
| --
| View this message in context:
| http://forum.world.st/LDAP-question-again-tp4723545.html
| Sent from the GLASS mailing list archive at Nabble.com.
| _______________________________________________
| Glass mailing list
| [hidden email]
| http://lists.gemtalksystems.com/mailman/listinfo/glass
|
_______________________________________________
Glass mailing list
[hidden email]
http://lists.gemtalksystems.com/mailman/listinfo/glass

Bruno,

From our LDAP guy:

  "I thought ldapsearch does an anonymous bind itself?

  If we can get the exact steps he uses (ldapsearch, etc) to obtain the
  fully qualified distinguished name (DN) for the authentication bind, we
  can submit a feature request for an alternative to the anonymous bind."

So we haven't done it, yet but we'd be willing to add a feature to GemStone once we understand the steps to get from anonymous to authenticated...

Dale

----- Original Message -----
| From: "Dale K. Henrichs" <[hidden email]>
| To: "BrunoBB" <[hidden email]>
| Cc: [hidden email]
| Sent: Tuesday, November 19, 2013 2:31:32 PM
| Subject: Re: [Glass] LDAP question again
|
| Bruno,
|
| I've forwarded your question along to our LDAP guy....
|
| Dale
|
| ----- Original Message -----
| | From: "BrunoBB" <[hidden email]>
| | To: [hidden email]
| | Sent: Tuesday, November 19, 2013 2:22:09 PM
| | Subject: [Glass] LDAP question again
| |
| | Hi,
| |
| | Last time i thought i was going to avoid the LDAP connection using
| | a
| | Single
| | Sign On but not !!!
| |
| | No problem with SSO, but in this case i need to query the LDAP
| | server
| | directly (outside the SSO) to get the user list of possible
| | notification
| | receiver.
| |
| | I could not avoid the ldap connection and here (at my work) they do
| | not
| | accept an annonymus bind to the LDAP (a connection name and
| | password
| | is
| | required) as a security policy.
| |
| | Reading documentation i found (again) System performOnServer:.
| |
| | It returns a string from the executed command.
| |
| | It is possible to use "ldapsearch" linux command in order to get
| | the
| | user
| | list (using authentication) from LDAP and then process the
| | resulting
| | string
| | in GemStone ?
| |
| | This would be very good, does someone has done this before ?
| |
| | Regards,
| | Bruno
| | PS: sooner or later i'm going to test this my self but now i do not
| | have to
| | ldap server from my notebook, yet...
| |
| |
| |
| | --
| | View this message in context:
| | http://forum.world.st/LDAP-question-again-tp4723545.html
| | Sent from the GLASS mailing list archive at Nabble.com.
| | _______________________________________________
| | Glass mailing list
| | [hidden email]
| | http://lists.gemtalksystems.com/mailman/listinfo/glass
| |
|
_______________________________________________
Glass mailing list
[hidden email]
http://lists.gemtalksystems.com/mailman/listinfo/glass

Dale,

Excellent !!!

regards,
bruno

Dale,

I'm not an LDAP expert. !

ldapsearch plus authentication i read it here (at B.2.4.9. Using Client Authentication When Searching):

http://www.centos.org/docs/5/html/CDS/ag/8.0/Finding_Directory_Entries-Using_ldapsearch.html

I just was playing with System performOnServer: and the idea arise.

May be also possible to execute sql queries and process the result string:
http://www.cyberciti.biz/faq/run-sql-query-directly-on-the-command-line/

May be too complicated i do not know i will try...

Regards,
Bruno