SASL troubles
Hello all,
I'm trying to set up an LDAP server, and there are some difficulties
which I have seen. It is OpenLDAP 2.0.11 with Cyrus SASL 1.5.24, and,
in general, it worked.
First, I applied a simple restriction on my database:
access to * by dn=uid=user,dc=mariinsky,dc=ru read
Then I was unable to even bind with ldapsearch. After an hour of
debugging I had figured out that I need:
access to ^$ by * read
for ldapsearch to work correctly. It does an anonymous search of
supportedSASLMechanisms before the actual bind.
Second, in the Administrator's Guide there are "SASL-based" examples
of rootdn etc:
rootdn "uid=user@EXAMPLE.COM"
But it does not work. I needed to investigate the problem and
write:
rootdn "uid=user+realm=my.sasl.realm"
I'm just wondering, why are these not-so-easy things not documented
anywhere?
WBR, Pavel mailto:flicker@mariinsky.ru icq:52216261