Hi.
First of all, I want to note that I'm not an expert on LDAP so things I say may very well be wrong. Just point that out to me if that's the case.
As I understand LDAP (and although I'm not an expert I have set up systems that authenticate against it), I don't really understand why there should be a specific Bind DN and password.
As far as I gather, some of the systems I've set up have actually just used the username and password of the user trying to log in as their Bind authentication. If the binding is successful, further checks may be made but if it's unsuccessful, the login for that user fails.
I don't see this as an option for Zabbix. Can anyone comment on this? Is doing this a bad idea for some reason? Can it be done in Zabbix?
Kind regards, Stefan Freyr.
First of all, I want to note that I'm not an expert on LDAP so things I say may very well be wrong. Just point that out to me if that's the case.
As I understand LDAP (and although I'm not an expert I have set up systems that authenticate against it), I don't really understand why there should be a specific Bind DN and password.
As far as I gather, some of the systems I've set up have actually just used the username and password of the user trying to log in as their Bind authentication. If the binding is successful, further checks may be made but if it's unsuccessful, the login for that user fails.
I don't see this as an option for Zabbix. Can anyone comment on this? Is doing this a bad idea for some reason? Can it be done in Zabbix?
Kind regards, Stefan Freyr.
) on every system where LDAP will be used, purely for this purpose.
Comment