Initial Commit

Michael Aldridge 2020-08-17 01:22:17 -07:00
commit e707cb2b34
2 changed files with 40 additions and 0 deletions

20
LICENSE Normal file

@ -0,0 +1,20 @@
Copyright 2020 Michael Aldridge
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
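Review bot: The file opens directly with the copyright line and carries no license name or SPDX identifier, so license scanners and readers have to recognise it from the body text alone. The wording is that of the MIT license; add a title line or an `SPDX-License-Identifier: MIT` tag so dependency audits can classify the project without text matching.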

20
README.md Normal file

@ -0,0 +1,20 @@
# NetAuth LDAP Server
The NetAuth LDAP server acts as a bridge that allows legacy systems
that understand LDAP to gain a read-only view of data in the NetAuth
server.
It is recommended to install the NetAuth LDAP server on each host that
requires this interface and to bind it to the loopback interface.
The format that the LDAP bridge exposes data in is slightly different
to that which is presented to an actual NetAuth client. The groups
are presented in a flattened format with all expansions processed, and
all groups are precented under a special `cn=groups` path. Similarly,
entities are presented under a `cn=entities` path under the base DN.
Speaking of the base DN, NetAuth doesn't have such a concept, so the
LDAP bridge takes this as a seperate configuration item on startup.
The provided format must be a valid domain name that will be split on
`.`. Prepended to this will be `dc=netauth` to clearly signify that
the data retrieved is coming from NetAuth.
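Review bot: The recommendation to bind to the loopback interface (second paragraph) gives no reason and does not say which address the server listens on by default. State the default and what the bridge does or does not do about bind authentication and transport encryption, so an operator can judge what is exposed if it is bound to a routable address. The base DN paragraph would also benefit from one sample domain together with the DN it produces, because "Prepended to this will be `dc=netauth`" leaves the final component order ambiguous. Spelling: "precented" should be "presented" and "seperate" should be "separate".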