[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 3 newbie questions : include new schema, ACL,

To: Frederic Medery <fmedery@gmail.com>, openldap-software@OpenLDAP.org
Subject: Re: 3 newbie questions : include new schema, ACL,
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Tue, 31 Aug 2004 14:18:54 -0700
Content-disposition: inline
In-reply-to: <7d19fa770408310521343132e9@mail.gmail.com>
References: <7d19fa77040830185563310465@mail.gmail.com> <7d19fa770408310521343132e9@mail.gmail.com>

--On Tuesday, August 31, 2004 8:21 AM -0400 Frederic Medery <fmedery@gmail.com> wrote:

Hello,

My server : Redhat AS 3 (openldap 2.0.x)

When I add another schema to slapd.conf (mic.schema) for example., do
I just have to include it in the slapd.conf  and then restart the
daemon ?


Ususally.

Can we use saslRegexp with this version of openldap ?


Is it listed in the man page for slapd.conf for that version?

ACL : I'm using gssapi to connect to kerberos to get my password.
with this acl example (after a kinit kerberos_user):
access to *
   by "uid=kerberos_user,cn=gssapi,cn-auth" write
    by * none

And then I do a ldapsearch -Y

it's always the by * ... that applied.

Well, the generated DN's I've seen are:

"uid=kerberos_user,cn=<REALM>,cn=gssapi,cn=auth"

you seem to be missing the "cn=<REALM>" bit.

Like for stanford, it would be:

"uid=quanah,cn=stanford.edu,cn=gssapi,cn=auth"

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- 3 newbie questions : include new schema, ACL,
  - From: Frederic Medery <fmedery@gmail.com>

Prev by Date: Re: 3 newbie questions : include new schema, ACL,
Next by Date: Re: [ERROR 80] Unknown error with multiple databases
Index(es):
- Chronological
- Thread