
how to resolve access authentication between two servers?



I built two servers with different suffixes, such as
"o=org1,o=sss,dc=example,dc=com" and "o=sss,dc=example,dc=com". The last one
has a referral pointing to the first.
Users under each suffix are gonna access entries of the other server. For
example, "cn=g1,ou=users,o=sss,dc=example,dc=com" wants to access
"ou=business,o=org1,o=sss,dc=example,dc=com" via referral, but the problem is
that the first directory server can't authenticate
"cn=g1,ou=users,o=sss,dc=example,dc=com". What could I do?!

I tried to use "sasl-regexp" in the configuration file of the first server, but I
failed. The directive is like this:
sasl-regexp
           uid=(.*),cn=.*
           cn=$1,ou=users,o=org1,o=sss,dc=example,dc=com
or
sasl-regexp
           uid=(.*),cn=.*
           ldap://192.168.0.1:389/ou=users,o=org1,o=sss,dc=example,dc=com??sub?(&(cn=$1)(objectclass=person))

or even
sasl-regexp
           cn=(.*),ou=users,o=sss,dc=example,dc=com
           ldap://192.168.0.1:389/ou=users,o=org1,o=sss,dc=example,dc=com??sub?(&(cn=$1)(objectclass=person))

or
sasl-regexp
           cn=(.*),ou=users,o=sss,dc=example,dc=com
           cn=$1,ou=users,o=org1,o=sss,dc=example,dc=com

Both "cn=g1,ou=users,o=sss,dc=example,dc=com" and
"cn=g1,ou=users,o=org1,o=sss,dc=example,dc=com" do exist,
but I failed. The "sasl-regexp" did not seem to work. I don't know how to
configure it. Could anyone tell me how to do it?! If "sasl-regexp" can't
resolve this problem, does anybody have a good idea?!

thank you very much.
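
Added example (not part of the original post, and not OpenLDAP code): a Python model of the pattern-and-replacement step for the four sasl-regexp rules quoted above, showing what each one produces for a given identity string. The SASL identity shape uid=<user>,cn=<mechanism>,cn=auth, the sample mechanism name and the comma-bounded TIGHT_RULE are assumptions; Python's re module stands in for slapd's regex engine, and whether slapd presents a given string to these rules at all is not modelled.

```python
import re

ORG1_DN = "cn=$1,ou=users,o=org1,o=sss,dc=example,dc=com"
ORG1_URL = ("ldap://192.168.0.1:389/ou=users,o=org1,o=sss,dc=example,dc=com"
            "??sub?(&(cn=$1)(objectclass=person))")

# (pattern, replacement) pairs as posted, in the order they appear.
POSTED_RULES = [
    (r"uid=(.*),cn=.*", ORG1_DN),
    (r"uid=(.*),cn=.*", ORG1_URL),
    (r"cn=(.*),ou=users,o=sss,dc=example,dc=com", ORG1_URL),
    (r"cn=(.*),ou=users,o=sss,dc=example,dc=com", ORG1_DN),
]
# Not from the post (assumption): the capture stops at the first comma.
TIGHT_RULE = (r"uid=([^,]*),cn=.*", ORG1_DN)

# Constructed inputs.
SASL_ID = "uid=g1,cn=digest-md5,cn=auth"            # assumed SASL identity shape
BIND_DN = "cn=g1,ou=users,o=sss,dc=example,dc=com"  # DN named in the post


def rewrite(identity, rule):
    """Return the replacement with $1..$9 filled in, or None if no match."""
    pattern, replacement = rule
    match = re.search(pattern, identity)
    if match is None:
        return None
    # The whole identity is replaced by the expanded replacement string.
    return re.sub(r"\$(\d)", lambda ref: match.group(int(ref.group(1))),
                  replacement)


def report():
    """Return (identity, pattern, result) for every identity/rule pair."""
    rows = []
    for identity in (SASL_ID, BIND_DN):
        for rule in POSTED_RULES + [TIGHT_RULE]:
            rows.append((identity, rule[0], rewrite(identity, rule)))
    return rows


if __name__ == "__main__":
    for identity, pattern, result in report():
        print(f"{identity}\n  {pattern}\n  -> {result}")
```

With the greedy (.*), the uid= rules capture "g1,cn=digest-md5" rather than "g1", so the rewritten DN does not name the existing entry. The cn= rules only produce a result for a string shaped like the bind DN.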