[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: sasl UID mapping



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Paul Jakma

> Hi,
>
> I'm having problems with mapping of sasl authenticated users to DN's
> with the RH openldap-servers-2.0.27-2.7.3 RPM.

Indeed. Most people have problems doing much of anything with RedHat's
bundled OpenLDAP. It's obsolete, throw it away.

> I have a user, paul@JAKMA.ORG (strangely enough), who is
> authenticated via GSSAPI (works fine). I map the sasl DN to a user
> with the following sasl-regexp's:

> sasl-regexp
>  uid="(.*),cn=jakma.org,cn=GSSAPI,cn=auth$"

What OpenLDAP 2.0 documentation did you read that told you to do this?
sasl-regexp is not part of OpenLDAP 2.0, it was introduced in OpenLDAP 2.1.
There is no SASL id mapping in 2.0. If you actually read the documentation
that was included in your distro you'd notice it is conspicuously absent.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support