[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
how to resolve access authentication betwin two server?
I built two server, with different suffix such as
"o=org1,o=sss,dc=example,dc=com" and "o=sss,dc=example,dc=com". the last one
have a referral point to the first.
users that under each suffix gonna access entries of another server. for
example, "cn=g1,ou=users,o=sss,dc=example,dc=com" wanna access
"ou=business,o=org1,o=sss,dc=example,dc=com", via referral, but, problem is,
the first directory server cann't authenticate
"cn=g1,ou=users,o=sss,dc=example,dc=com", how could I do ?!
I tried to use "sasl-regexp" in configuration file of first server, but I
failed, the directive is like this:
sasl-regexp
uid=(.*),cn=.*
cn=$1,ou=users,o=org1,o=sss,dc=example,dc=com
or
sasl-regexp
uid=(.*),cn=.*
ldap://192.168.0.1:389/ou=users,o=org1,o=sss,dc=example,dc=com??sub?(&(cn=$1
)(objectclass=person))
or even
sasl-regexp
cn=(.*),ou=users,o=sss,dc=example,dc=com
ldap://192.168.0.1:389/ou=users,o=org1,o=sss,dc=example,dc=com??sub?(&(cn=$1
)(objectclass=person))
or
sasl-regexp
cn=(.*),ou=users,o=sss,dc=example,dc=com
cn=$1,ou=users,o=org1,o=sss,dc=example,dc=com
both the "cn=g1,ou=users,o=sss,dc=example,dc=com" &
"cn=g1,ou=users,o=org1,o=sss,dc=example,dc=com" do exist,
but I failed. the "sasl-regexp" seemed to do not work. I donn't know how to
configure it, anyone could tell me how to do ?! if "sasl-regexp" cann't
resolve this problem, anybody has good idea?!
thank you very much.