
I have a requirement to bind MS SQL Server users with LDAP (OpenDJ). Currently, the only option I see to achieve this is to have AD on SQL Server and connect AD with OpenIDM through the LDAP connector.

Is there a way this can be achieved through OpenAM and OpenDJ itself, without requiring OpenIDM in between?

anshuman

2 Answers


Can you use Pass Through Authentication of OpenDJ?

https://backstage.forgerock.com/docs/opendj/2.6/admin-guide/chap-pta

https://wikis.forgerock.org/confluence/display/OPENDJ/Pass-Through+Authentication

Or JDBC Authentication Module of OpenAM?

https://backstage.forgerock.com/docs/openam/13.5/admin-guide/chap-auth-services#jdbc-module-conf-hints

Kohei TAMURA
  • Hi @kohei. Unfortunately no, none of the approaches is going to resolve the issue, as PTA requires the SSO to be initiated from DJ, while in my requirement SQL Server looks at AD first for authentication. So it's the other way around. – anshuman May 14 '17 at 12:34

I got to know that there is no way to achieve this. I ended up using AD as the primary directory store, as password sync of users from DJ to AD (via IDM in between) was not possible, because the available AD connectors allow the flow of changes from AD to IDM/DJ only.

anshuman