Forum .LRN Q&A: Re: External Authentication

Posted by Rocael Hernández Rizzardini on
Hello Al,
I've been working with most of it, so I offer my self to document it. At Galileo we are using LDAP plus some specific modifications that are needed here. Also I plan to *extract* the IMS stuff in there to ims-ent for oacs 5.2.

Is this urgent? (we are about to launch .LRN at Galileo university-wide, so I'll prefer to do it right after, something like in the first week of september?)

Posted by Alfred Essa on
Roc...thanks. no this is not urgenet. We will also will not get to this until we launch on .LRN 2.x.
Posted by Malte Sussdorff on
Hi Rocael,

can you post some information on what you did exactly, as we need it in Darmstadt to authenticate against LDAP and sadly currently both ns_pam and ns_ldap modules fail (the former with an ad_raise notfound, the latter with "no available pools" though we copied the information from you).

Posted by Rocael Hernández Rizzardini on
Hello Malte,
are you using oracle?
strange, the no available pools is something that I haven't found yet in our prod/dev servers....

where did you get the ns_ldap module?

here's our config.tcl nsldap section:

# ldap pool ldap

ns_section "ns/ldap/pool/ldap"
ns_param user "cn=Manager, o=Your University"
ns_param password "yourpass"
ns_param host ""
ns_param connections 1
ns_param verbose On

# ldap pools
ns_section "ns/ldap/pools"
ns_param ldap ldap

# ldap default pool
ns_section "ns/server/${server}/ldap"
ns_param Pools *
ns_param DefaultPool ldap

are you trying direct call to ns_ldap or through acs-authentication authority?