[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: sasl UID mapping
On Sat, 17 Jan 2004, Howard Chu wrote:
> By the way, you didn't mention exactly what version of OpenLDAP 2.1 you
> installed. 2.1.25 is the latest, with 2.1.26 stewing along.
Fedora openldap-servers-2.1.22-8 rpm.
> > sasl-regexp
> > uid=(.*),cn=(.*),cn=gssapi,cn=auth
> > ldap:///ou=people,dc=jakma,dc=org???krbName=$1@$2
>
> This is not the same regexp you posted before. When you don't
> specify a scope it defaults to "base". This regexp would map all
> usernames to ou=people,dc=jakma,dc=org, and the attached log shows
> this is exactly what it did.
it mightnt be - i've been trying various things. arg. yes. Added sub
to the scope and it now works! I suspect previously it was ACL
restriction of lookups on krbname to authenticated users which
prevented the mapping.
Thanks very much for the clues!
regards,
--
Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam@dishone.st
Fortune:
Everything that can be invented has been invented.
-- Charles Duell, Director of U.S. Patent Office, 1899