When to use External Pwd Chk in LDAP config

Posted by Sumeet on Oct 6, 2007 in Documentum |

The following is a list of options for the user authentication options in Content Server (CS) :

1. OS Authentication mode

2. LDAP Authentication mode

3. OS-integrated LADP Authenticated mode

Each of the options uses different methods for the authentication as below:

1. OS Authentication mode uses dm_check_password binary

2. LDAP Authentication mode uses LDAP server directly.

3. OS-integrated LADP Authenticated mode uses LDAP server but indirectly through dm_check_password which recompiled with LDAP option.

You can specify which mode can be used for a specific user through dm_user attribute configuration (mode 1 and mode 2). However, you cannot mix with mode 3.

To make sure you are using mode 3 or not, please check use_ext_auth_prog LDAP config object attribute. If it is checked, it indicates CS server is configured to use a LDAP enabled dm_check_password.

In case, a machine is configured to use mode 1 and 2, EXTERNAL PASSWORD CHECKING (use_ext_auth_prog) in LDAP config object box shouldn’t be checked.

If you plan to use LDAP enabled dm_check_password, it is required a re-compiled dm_check_password with LDAP option (proper permission set + owner to ROOT) and tick the use_ext_auth_prog option in LDAP config section.



Copyright © 2021 dm_maniacs All rights reserved. Theme by Laptop Geek.

wordpress stats