LDAP: Pass-Through Authentication Plugin


The UnboundID Directory Server provides a way to capture passwords and store those passwords in a local entry. This is useful when migrating to UnboundID Directory Server from a legacy server that does not allow the extraction of passwords, for example, NetIQ eDirectory.

Configure the Pass-Through Authentication Plugin to verify a password that is presented by a user via a Simple Bind Request against the system where the password is actually stored. Once the password is verified against the external server (by a BIND request), then the password can be stored locally, and the external server is never contacted again for that user and that user account can be deleted from the external server.

See also: Pass-through authentication.

About Terry Gardner

Terry Gardner was a leading directory services architect with experience with many large scale directory services installations and messaging server installations, and was a Subject Matter Expert in the field of Directory Services and Solaris (operating system) performance. Mr. Gardner also participated in the open-source software community. Mr. Gardner passed away in December, 2013.
This entry was posted in computing, LDAP, UnboundID and tagged , , . Bookmark the permalink.

2 Responses to LDAP: Pass-Through Authentication Plugin

  1. jeemster says:

    “..does not allow the extraction of passwords, for example, NetIQ eDirectory.’
    You just ned to know how. You should check out our tool: http://ldapwiki.willeke.com/wiki/DumpEdirectoryPasswordInformationTool

  2. Thanks for the link, it will be helpful as we migrate away from eDirectory.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s