By: Sebastian Lehn user 05 Sep 2014 at 4:55 a.m. CDT

0 Responses
Sebastian  Lehn gravatar
I'm currently evaluating some open source access management solutions and would like to know, how oxAuth authenticate against Active Directory in detail. Within your documentation under http://www.gluu.org/docs/admin-guide/user-management/ldap-sync/ you say, that OX will sync directory entries from time to time. But what about password hashes? I know, that it is not possible to read encrypted or even clear passwords from Active Directory LDAP Server. I can imagine that you just do a LDAP Bind Request each time a user tries to authenticate. It would be great to know for availability reasons.