Allow authentication against an LDAP directory without full integration
Allow MDaemon to authenticate users against an LDAP directory (by performing an LDAP bind, optionally using a proxy user first).
We don't want to and we can't let MDaemon write to our directory. Therefore it would be great if we created the user we could just say "for authentication go look at ldap server ldap.domain.com and try to authenticate there". The rest of the configuration is local in MDaemon. (We want to integrate with our LDAP, not assimilate it from MDaemon).
Thank you for sharing your idea with us to allow MDaemon to authenticate to an LDAP database. If you’re LDAP database happens to be Active Directory you can already do this.
Your request to allow MDaemon to authenticate with other 3rd party LDAP databases will be considered for future versions.
@Anonymous Querying MD via LDAP has nothing to do with this request which is about LDAP integration for MD, you should create a new suggestion for this
If possible an MDaemon integrated LDAP server with only the option of query user, alias and mailing to be able to certify the existence of one of these objects. It would be useful to manage external antispam that require a user list that is always updated and punctual, for example.
Hi, Are there any news concerning this feature? I am still wondering why something complex as AD authentication is implemented, and something so easy (and platform-independent) as an LDAP bind to verify user credentials is missing.
Our current mechanism that allows you to authenticate against Active Directory uses Windows API calls. It will not work with an LDAP database. I mentioned it just in case the LDAP server you were talking about was Active Directory.
BTW you are mixing Active Directory and LDAP all over the place in the admin interface, that should really be streamlined. I guess you mean the LDAP interface to AD all the time, so you should either call it 1) LDAP 2) AD or simply 3) the "directory (server)".
How can we do this? Binding against an LDAP server is always the same LDAP protocol, no matter whether the underlying directory is ActiveDirectory or anything else I suppose...