[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: objectClass for bindDN
Dave Horsfall writes:
> What sort of objectClass do people generally use for the bindDN?
> We're using extensibleObject (set up by my predecessor)
I've used organizationalRole + simpleSecurityObject (for "Manager"),
person (for a personal name) or account + simpleSecurityObject (for a
username). The simpleSecurityObject and person object classes allow the
userPassword attribute.
Or I've just used rootdn and rootpw in slapd.conf, with no corresponding
entry in the directory.
> and I'm seeing obscure problems such as the userPassword attribute not
> being copied during a sync (not a replication).
There have been problems with extensibleObject until recently (OpenLDAP
2.1.10 or something), but I can't imagine how that one would happen.
Still, it might help to upgrade to the latest release.
--
Hallvard