We are changing web SSO technologies, need to move some of our LDAP
backed web applications away from using GSSAPI-based authentication.
The apps in question are provided kerberos TGTs by our SSO, which the
applications then use to bind (as the user), accessing the LDAP backend
with the user's credentials.

We're using the Shibboleth Identity Provider (v3.x) - which provides
SAML2 based authentication. We do not use NAM in our environment.
I'm not sure how this would be feasible... but is is possible to use a
SAML authn response when binding over LDAP?


liamr's Profile: https://forums.netiq.com/member.php?userid=1044
View this thread: https://forums.netiq.com/showthread.php?t=57358