TweetI got this idea (from this blog post) that it would be cool and great if we had an IRC server to facilitate communication within our team. I started checking out some different IRC servers to see which ones supported the main features I wanted (LDAP auth & SSL). I started out with ratbox but [...]
TweetJust putting this here for safekeeping since I couldn’t remember the exact syntax. [evan@ehoffman 10:35:50 ~]$ ldapsearch -x -LLL -D "ldapuser@example.com" -w password -b "OU=Users,DC=example,DC=com" -s sub -H ldaps://activedirectory.example.com "(sn=hoffman)" cn mail displayName samaccountname dn: CN=Evan Hoffman,OU=Tech,OU=Users,DC=example,DC=com cn: Evan Hoffman displayName: Evan D. Hoffman sAMAccountName: ehoffman mail: Evan.Hoffman@example.com Explanation: Connect to activedirectory.example.com using ldaps (SSL) [...]
TweetA few months ago I was on a quest to figure out how to change my Active Directory password via a browser (for Linux/Mac users). I finally figured it out, but since I’ve been working on this Exchange 2010 migration I noticed one of the features of OWA (Outlook Web App) in Exchange 2010 is [...]
TweetI found a script a few months ago that generated a CSV report of mailbox size, which included the Mailbox Name (usually the user’s name), size in Kbytes, number of items, which server it’s on, etc. This was very helpful, but I wanted to see which department within the company used the most space on [...]
TweetI had to give up on PHP and go to Perl, but it turned out not to be so bad. Users can now change their Active Directory passwords via a self-service web page that doesn’t require admin credentials. The Perl code is below. Authentication to the script is done via .htaccess LDAP authentication, so the [...]
TweetSo I got everything working with .htaccess and AD/LDAP authentication. Just add LDAPVerifyServerCert Off to the httpd config to let Apache authenticate against an AD server with a self-signed certificate (without dealing with the annoyance of putting the cert on each Apache server). With that piece of the puzzle largely solved, I moved on to [...]
TweetFollowing up on my previous post, it turned out not to be as big of a deal as I’d originally expected to have Apache authenticate against AD and only allow users whose accounts weren’t disabled. In a nutshell, here’s what I did:
TweetOne project we’ve been working on for a while is single sign-on across all our servers and other services (e.g. SVN repository, a few other things). One thing I wanted to avoid, I guess for mostly religious reasons, was reliance on a Windows instance for any of our production environment. The logical part of my [...]
Recent Comments