[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: sasl UID mapping
> -----Original Message-----
> From: Paul Jakma [mailto:paul@clubi.ie]
> On Sat, 17 Jan 2004, Howard Chu wrote:
> > By the way, you didn't mention exactly what version of
> OpenLDAP 2.1 you
> > installed. 2.1.25 is the latest, with 2.1.26 stewing along.
>
> Fedora openldap-servers-2.1.22-8 rpm.
>
> > > sasl-regexp
> > > uid=(.*),cn=(.*),cn=gssapi,cn=auth
> > > ldap:///ou=people,dc=jakma,dc=org???krbName=$1@$2
> >
> > This is not the same regexp you posted before. When you don't
> > specify a scope it defaults to "base". This regexp would map all
> > usernames to ou=people,dc=jakma,dc=org, and the attached log shows
> > this is exactly what it did.
>
> it mightnt be - i've been trying various things. arg. yes. Added sub
> to the scope and it now works! I suspect previously it was ACL
> restriction of lookups on krbname to authenticated users which
> prevented the mapping.
"The devil is in the details." There's a popular saying:
If you want to enjoy life,
- don't sweat the small stuff
- it's All small stuff
Whoever said that probably never worked with computers... Without attention
to detail there is no hope of progress.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support