[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: uid case sensitivity



I think there's a step missing here.  Basically, you "log in" to an ldap server by binding
as a dn and a password, not a uid and password.  To use a uid, you first need to bind
anonymously, search for the uid in the server, then bind as the dn that is returned using
the password supplied, as far as I know (don't think there is a way to bind using uid/pass).

I wouldn't think changing the uid from cis to ces would affect this, though I'm not sure
making the uid ces is necessarily a good thing.  Why do you need to make uid's case
sensative (I can think of a few reasons, but just wondering)?

Whatever is logging in, though, may be doing something to the uid before comparing it
(like lowercasing or uppercasing it before the compare).  What is trying to log in?  Is
this via ldapsearch or a home spun script, or some server product that auths against LDAP?

BTW - on Netscape's DS, userpassword is typed as bin instead of ces.  Wonder
if there are compatibility issues here if opendap's userpassword is ces (I play with
OpenLDAP when I can, but we have Netscape's DS in production, so I'm more familiar
with it's schema...)

Jay Christner wrote:

By default uid's are case insensitive (cis) and userpasswords are case
sensitive (ces).  I am trying to figure out how to make it so both uid and
userpasswords are case sensitive (ces).  Whenever we try to change the cis
to ces in the slapd*at.conf files we aren't able to login at all, changing
the uid back to cis works fine though.
Is there some other way to do this, or are we just missing something
really stupid here?
(Note:, I am not directly working on this myself, but I can get more
information as needed.)
Thanks for any help.
-jay
-----------------------------------------------------------------------------
-- 
 Jeff Clowser               
 mailto:jclowser@aerotek.com       Hanover MD  21076 USA
 Phone: (410)-579-4328             7312 Parkway Drive