[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How-to secure PosixAccount attr ?
At 01:16 PM 12/7/2004, FM wrote:
>server openldap 2.2.17, with sasl auth (krb5)
>
>access to dn.regex="^([^,]*,)?ou=[^,]+,(dc=[^,]+(,dc=[^,]+)*)$"
> attrs=posixAccount
> by anonymous auth
> by users read
> by self read
>
>The prob is that if I use id user1 for examples, the BIND="" unless I harcode it on in ldap.conf.
You must be referring to some non-OpenLDAP ldap.conf. If
slapd(8) is reporting BIND="", then the client is anonymous.
>How can I secure those info ?
Well, first you likely need to have the client authenticate.
>Is there a way to pass the current DN on the user ?
Maybe, see the client documentation about what authentication
options it offers and how to configure those options.
Kurt