使用sAMAccountName在Oracle中连接到LDAP [英] Connecting to LDAP in oracle using sAMAccountName

问题描述

我试图使用DBMS_LDAP连接到ldap服务器进行身份验证.

i was trying to use DBMS_LDAP to connect to a ldap server to do authentication.

我的问题是:

是否可以使用sAMAccountName连接到LDAP服务器?我正在使用全名进行连接，但想使用sAMAccountName，但不知道如何，我认为DBMS_LDAP.bind_s和DBMS_LDAP.simple_bind_s不允许使用sAMAccountName.

Is it possible to use sAMAccountName to connect to the LDAP server? I'm getting the connection with the full name but wanted to do with the sAMAccountName but don't know how, i think DBMS_LDAP.bind_s and DBMS_LDAP.simple_bind_s don't permit the use of sAMAccountName.

谢谢

推荐答案

通过在sAMAccountName和simple_bind_s之间添加前缀

I've been able to use bind_s and simple_bind_s directly with the sAMAccountName by prefixing it with the domain name:

l_res := DBMS_LDAP.simple_bind_s(ld => l_session,
                                 dn => l_domain || '\' || l_account_name,
                                 passwd => l_password)

我试图在Oracle文档中找到其他信息或参考，但找不到有关如何构建dn参数的任何信息.这似乎取决于AD服务器的配置.在某些设置中，例如此OTN论坛帖子中所述，似乎以便可以通过%LDAP_USER%@ourdomain.com进行身份验证.

I tried to find additional information or reference in the Oracle documentation but I couldn't find anything on how to build the dn parameter. This seems to dependent upon the configuration of the AD server. In some settings, such as described in this OTN forum post, it seems to be possible to authenticate with %LDAP_USER%@ourdomain.com.

这篇关于使用sAMAccountName在Oracle中连接到LDAP的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！