At 2003-12-21T18:51:13Z, Peter Marschall <peter@adpm.de> writes: > You can enable slapd's LDAPv2 cmpatibility in slpad.conf > (I do not have the corect command at hand) Just fixed that with the "allow bind_v2"; thanks! But on further reflection, I think my problem is more fundamental. For simplicity's sake, I've reorganized my database to: ou=lan,dc=honeypot,dc=net - Unix passwd, services, hosts, etc. ou=addressbook,dc=honeypot,dc=net - Shared address book The LDAP host is kanga.honeypot.net. If I'm on kanga, I can use ldapsearch to browse through the database, either anonymously or with '-D' referring to the rootdn configured in slapd.conf. However, I want to use dn's other than "rootdn" to authenticate. For example, when connecting with Evolution, I'd like to use either: cn=Kirk Strauser,ou=addressbook,dc=honeypot,dc=net or uid=kirk,ou=People,ou=lan,dc=honeypot,dc=net I could use some recommendations. The first dn above is an entry in my addressbook. Does it seem reasonable to authenticate from that base, or is that a security no-no? The second dn maps to my Unix passwd list. At any rate, given what I want to do, should I be looking at SASL or concentrating elsewhere? I'm ready to scrap my whole setup and start over From scratch, testing as I go until I get a working system, if that's what it takes. -- Kirk Strauser In Googlis non est, ergo non est.
Attachment:
pgp1N3NGzQJFp.pgp
Description: PGP signature