?: Technical Support support@communigate.com <CGatePro@mail.stalker.com>
??: Re: Howto: OS X Server Open Directory to serve Communigate
??: Thu, 22 Feb 2018 18:21:05 +0300
?: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

On 2018-02-22 16:30 , Tom Rymes trymes@rymes.com wrote:
On 02/22/2018 5:52 AM, Technical Support support@communigate.com wrote:

Note also, in CGPro 6.2 it's possible to specify in account settings an LDAP URI (the new "Authentication URI" setting, http://www.communigate.com/CommuniGatePro/Accounts.html#Passwords) to which CGPro would try to "bind" using the password supplied in a protocol session, without a need for an external authentication helper.

Are there any tutorials aboiut this feature?

The ldap:// or ldaps:// URI is used to send LDAP BIND request with the password that was received during clear-text authentication in some protocol session (WebUser, IMAP, etc). If the request is successful (the credentials are correct), the authentication request in the session is considered successful.

The short description is in the manual:

Authentication URI
An External Resource can be used for authentication.
The URI (Uniform Resource Identifier) is of the form scheme://address[:port]/parameters

If the value of the scheme equals ldap or ldaps then the Server will make LDAP bind request to address using parameters as DN (Distinguished Name); and if the External Resource answers positively then the user can log into the Account. Works only with "clear text" authentication methods.
Note: for Microsoft Active Directory LDAP server as parameters instead of DN you can use DOMAIN\account where DOMAIN is the short Windows domain name and account is the value of sAMAccountName attribute of the account record in the Active Directory.

Other values of scheme are ignored.
In parameters the asterisk (*) symbol is substituted with the CommuniGate Pro Account name, the ^0 is substituted with the Domain name.

Best regards,
Dmitry Akindinov.
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your
??(FEED) ??(DIGEST) ??(INDEX) ??? ?? Listmaster