[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: saslAuthzTo and regexp troubles
> Hi,
>
> after upgrading our openldap server to the most current version, I'm
> having bad troubles with saslAuthzTo and regular expressions.
>
> Previously the following attribute setting for saslAuthzTo was working:
>
> saslAuthzTo: uid=.*,ou=MailCustomers,dc=bestsolution,dc=at
In 2.2, the DNs used in saslAuthzTo and saslAuthzFrom (note that this will
soon change into authzTo and authzFrom) default to exact; if you want
regex matching, you need to explicitly set the style to regex. So your
rule would read
saslAuthzTo: dn.regex:uid=.*,ou=MailCustomers,dc=bestsolution,dc=at
Note that if you can give away with the "uid=" prefix, a rule like
saslAuthzTo: dn.onelevel:ou=MailCustomers,dc=bestsolution,dc=at
would save you a regcomp(), regexec().
This should be documented somewhere, e.g. in slapd.conf(5) or in the admin
guide. I cannot find the reference right now, but I'm sure it is...
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497