[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Account Login / schema question

To: openldap-software@OpenLDAP.org
Subject: RE: Account Login / schema question
From: "Tibbetts, Ric" <ric.tibbetts@ngc.com>
Date: Sat, 31 May 2003 09:43:23 -0400
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225

Bingo! The pam_filter reference was the ticket.
Thank you!!!!

Ric

PS: Also, yes, the error I get is the structural object error. But with the correction to ldap.conf, that ceases to be a problem. Using objectClass=people provides the same as "account". So I probably won't bother with creating my own objectClass.

Thanks again.

>> NOTE: The (primary) difference is the use of "account", and not using >> inetOrgPerson, and organizationalPerson objectClasses. > >To me the question seems related to PADL's pam_ldap. > >Do you by chance have > pam_filter objectclass=account >in your /etc/ldap.conf ? >That might explain why you need the account objectclass. > >> If I mix account, and inetOrgPerson, I get an error. But if I don't >> include account, the user cannot log in. > >I assume the error you get is about having not exacly one structural >object >class chain. >You can solve it by creating you own objectclass that inherits from >inetOrgPerson and account. See the list archive for how to accomplish >this. > >Peter

Prev by Date: Re: Still I am uanble to execute ldapsearch
Next by Date: slapindex, 1 million entries, some numbers
Index(es):
- Chronological
- Thread