Directory Server NT Authentication Module 2.0.3

Directory Server NT Authentication Module provides a plugin allowing LDAP authentication via an NT domain account.
Directory Server NT Authentication Module provides a plugin allowing LDAP authentication via an NT domain account.

The Directory Server NT Authentication Module project is made of two parts: The first is a simple daemon which takes an NT user's domain credentials (including password) and attempts to authenticate via the SMB protocol with those credentials.

The second part is a plugin which takes an LDAP DN and password and discovers the DN's NT domain identifier (if the entry has such an ID).

The daemon will only listen on localhost, so the credentials are not exposed via the network, and it does not run as root, so that compromise can be limited.

It attempts to locate all the domain controllers for an arbitrary domain, so failure of one DC does not cause the module to fail the authentication attempt unless no DC can be found that will accept the credential.

What's New in This Release:

Minor change - new parameter in ntauth-config.txt "null_password_fail". If set to non-zero, then this causes a password bind with a non-NULL dn and a NULL password to generate "INVALID CREDENTIALS". By default, this parameter is off (which means silently assign the anonymous identity to the post bind LDAP session - which is the correct thing to do, according to the LDAP spec).

last updated on:
March 17th, 2007, 0:05 GMT
price:
FREE!
developed by:
Neil Dunbar
license type:
GPL (GNU General Public License) 
category:
ROOT \ Database \ Database Engines

FREE!

In a hurry? Add it to your Download Basket!

user rating 7

UNRATED
3.1/5
 

0/5

Add your review!

SUBMIT