
Re: AutoFS, GSSAPI, LDAPv3



On Fri, 23 Apr 2004, Patrick Shinpaugh wrote:

> Hi,
> I have implemented an LDAPv3 (Kerberos(GSSAPI), TLS, Cyrus-SASL, and
> OpenLDAP) server which is used for user validation/authentication and
> for automounting of NFS filesystems. To allow autofs 3.1.7 access to the
> LDAP database I was forced to add
> 
> allow bind_v2 bind_anon_dn
> 
> to my slapd.conf file. However, I was wondering if there is a way to set
> up LDAP so I can remove this allow statement and still have autofs able
> to access the automount information stored in the directory. I do have
> ACLs set up but I would rather not depend upon the ACLs alone to prevent
> unauthorized access to the information stored in the LDAP directory.
> 
> If it is possible please let me know how.


Maybe this will help:
http://cvs.mandrakesoft.com/cgi-bin/cvsweb.cgi/SPECS/autofs/ldapv3.patch?rev=1.1&content-type=text/x-cvsweb-markup

There were rumours that the latest autofs-4.1.x releases had merged LDAPv3 
support, but I haven't tested yet.

Of course, there are still a few LDAPv2-only clients around (mozilla for 
example - hopefully it will be fixed soon).

Regards,
Buchan