By: Sebastian Lehn user 05 Sep 2014 at 4:55 a.m. CDT

I'm currently evaluating some open source access management solutions and would like to know, how oxAuth authenticate against Active Directory in detail. Within your documentation under http://www.gluu.org/docs/admin-guide/user-management/ldap-sync/ you say, that OX will sync directory entries from time to time. But what about password hashes? I know, that it is not possible to read encrypted or even clear passwords from Active Directory LDAP Server. I can imagine that you just do a LDAP Bind Request each time a user tries to authenticate. It would be great to know for availability reasons.