[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: objectClass for bindDN
On Thu, 16 Jan 2003, Hallvard B Furuseth wrote:
> > What sort of objectClass do people generally use for the bindDN?
> > We're using extensibleObject (set up by my predecessor)
>
> I've used organizationalRole + simpleSecurityObject (for "Manager"),
> person (for a personal name) or account + simpleSecurityObject (for a
> username). The simpleSecurityObject and person object classes allow the
> userPassword attribute.
Thanks; I'll give that a whirl. I had a look at the standard classes,
but couldn't see anything that leaped out and yelled "Use me!". Which
is probably why my predecessor used extensibleObject :-(
> Or I've just used rootdn and rootpw in slapd.conf, with no corresponding
> entry in the directory.
I'd rather not mix the two, but yeah, that is one way.
> > and I'm seeing obscure problems such as the userPassword attribute not
> > being copied during a sync (not a replication).
>
> There have been problems with extensibleObject until recently (OpenLDAP
> 2.1.10 or something), but I can't imagine how that one would happen.
> Still, it might help to upgrade to the latest release.
First, I have to get my directory normalised :-) I'm finding all sorts
of obscure problems when using ldaputils from fynet.com (just using
ldapsync showed me heaps of mis-matched DN/RDN attributes).
--
Dave Horsfall DTM VK2KFU daveh@ci.com.au Ph: +61 2 9906-7866 Fx: 9906-1556
Corinthian Engineering, Level 1, 401 Pacific Hwy, Artarmon, NSW 2064, Australia