[Catalyst] Catalyst::Authentication::Credential::LDAP

Bruce J Keeler bruce at drangle.com
Wed Jul 23 20:16:16 BST 2008

Peter Karman wrote:
> On 07/22/2008 10:37 PM, Matt S Trout wrote:
>> On Wed, Jun 25, 2008 at 11:27:13AM -0700, Bruce J Keeler wrote:
>>> Also, somewhat apropos, I have a 
>>> C::A::{Store,Credential}::ActiveDirectory  that I based on the LDAP 
>>> stuff.  The LDAP modules didn't work for me because they want to bind 
>>> anonymously and retrieve the crypted password, whereas AD just wants to 
>>> authenticate with a bind.
>> So, having established this isn't true.
>> Could you perhaps instead post a message asking why your config of the
>> main LDAP store didn't work so we can figure out what configuration problem
>> you had and document it?
> likely he is missing a 'binddn' and 'bindpw' config setting. The initial bind() will try
> anonymously if those are not set. What I usually do for Active Directory is create a user
> specifically for use with Net::LDAP (and by extension, C::A::Store::LDAP), and then do all
> my initial binds with that user/pass.
> 'binddn' and 'bindpw' are fully documented; if the docs can be improved, please send a patch.
I seem to recall trying that, but it's been long enough that I don't 
recall the details of what went wrong.

The other reason I went off in my own direction is that I wanted to pull 
role information from AD groups, and I couldn't see any way of making 
that work with the stock ::LDAP modules.  I will try to make some time 
to revisit this stuff soon.


More information about the Catalyst mailing list