[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: 3 newbie questions : include new schema, ACL,
--On Tuesday, August 31, 2004 8:21 AM -0400 Frederic Medery
<fmedery@gmail.com> wrote:
Hello,
My server : Redhat AS 3 (openldap 2.0.x)
When I add another schema to slapd.conf (mic.schema) for example., do
I just have to include it in the slapd.conf and then restart the
daemon ?
Ususally.
Can we use saslRegexp with this version of openldap ?
Is it listed in the man page for slapd.conf for that version?
ACL : I'm using gssapi to connect to kerberos to get my password.
with this acl example (after a kinit kerberos_user):
access to *
by "uid=kerberos_user,cn=gssapi,cn-auth" write
by * none
And then I do a ldapsearch -Y
it's always the by * ... that applied.
Well, the generated DN's I've seen are:
"uid=kerberos_user,cn=<REALM>,cn=gssapi,cn=auth"
you seem to be missing the "cn=<REALM>" bit.
Like for stanford, it would be:
"uid=quanah,cn=stanford.edu,cn=gssapi,cn=auth"
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html