Binding Problem Revisited
Sorry to bother you all, again. But it seems as if I'm just filled with
frustration (or perhaps I can't see the obvious) in trying to get simple
UNIX authentication working.
Would someone be so kind as to tell me if the below ACL would work:
ALL LDIF entries look like this:
---------------------------------------------------
dn: uid=jnoviell,location=Dorval,o=Matrox,c=CA
objectclass: Person
username: jnoviell
cn: Joe Novielli
uid: jnoviell
mail: jnoviell@matrox.com
location: Dorval
sn: Novielli
userPassword: {crypt}2FkhqxpuoxVDY
telephoneNumber: XXX-XXX-XXXXX ext: XXXX
status: Active User

dn: uid=jostiguy,location=Dorval,o=Matrox,c=CA
objectclass: Person
username: jostiguy
cn: Jean-Jacques Ostiguy
uid: jostiguy
mail: jostiguy@matrox.com
location: Dorval
sn: Ostiguy
userPassword: {crypt}S1QfrF4z/n5JE
telephoneNumber: XXX-XXX-XXXXX ext: xxxx
status: Active User
---------------------------------------------------
ACL looks like:
---------------------------------------------------
access to attr=userpassword
    by self write
    by * compare
access to *
    by dn="uid=jnoviell,location=Dorval,o=Matrox,c=CA" read
    by * none
----------------------------------------------------------
Now, I've tried it with the PerLDAP example script (see:
http://www.mozilla.org/directory/faq/perldap-faq.html#_ldap_10), but it
doesn't want to BIND with the username jnoviell (except if I replace my
ACL's "by * none" with "by * read"), which then lets everyone read.
I'm using OpenLDAP 1.2.4 with threads on Solaris (Sleepycat as backend db).
Sorry if I'm being a pain in the ...
--------------------------------------------------------------------------
Joe Novielli x.7703 Email: jnoviell@matrox.com
MIS Department
Matrox Electronic Systems Inc. http://www.matrox.com
1055 St-Régis Tel: (514) 822-6000 x. 7703
Dorval, Québec Fax: (514) 822-6262
Canada, H9P 2T4
--------------------------------------------------------------------------