[p4] LDAP authentication via sAMAccountID

Tim McDaniel tmcd at panix.com
Thu Aug 6 17:16:31 PDT 2009


Unfortunately, I know little about Active Directory, LDAP,
or the APIs, so my apologies if I get this request wrong.

We're considering how to authenticate against a Windows domain
controller when the Perforce server (2008.2) is running on a Linux
box.  I believe that means it's Active Directory.
<http://kb.perforce.com/AdminTasks/TriggersAndDaemons/SettingUpExt..ionTriggers>
appears to be the applicable Knowledge Base article.

First: how do p4authenticate.c and p4authenticate.pl, in the initial
section of that article, differ from Unix p4auth_ad.cpp and Linux
24x86 binary p4auth_ad in the "Active Directory vs. LDAP server"
section?

Also,

     Please note that the provided AD scripts work by using the cn for
     authentication. It expects the cn to be equal to the sAMAccountID,
     the short name without spaces that users generally use to log into
     their machine. If cn fields on your AD server have been changed to
     include spaces, you need to modify the scripts below to do a
     lookup on the sAMAccountID and retrieve the cn before attempting
     the AD authentication component.

Indeed, our cn fields do have spaces (e.g., cn="Tim McDaniel") when
sAMAccountName is what we need (e.g., sAMAccountName="tmcdaniel").

I know little at the moment: I don't suppose anyone happens to have
existing code sitting around that I might adapt and use?

-- 
Tim McDaniel, tmcd at panix.com



More information about the perforce-user mailing list