What's the best authentication scheme when you are dealing with an
active directory that someone else controls? I've been using pam
configured for smb and local passwords where a local account is needed
for real logins (but either the domain or local password will work) and
web services don't require a local account. That's most of the
functionality I want and it doesn't take pre-arrangement with the AD
administrator, but I have to glue mod_auth_pam into httpd and I'm not
sure how to duplicate it for java web services.
Is there a way to use an LDAP proxy in a similar way so I can add
accounts of my own but also accept anything from one or more AD's? Or
some better approach entirely?
--
Les Mikesell
lesmikesell at gmail.com