[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Comparing slapcat output
Howard Chu writes:
>Pierangelo Masarati wrote:
>>>> uidnumber=0+gidnumber=0,cn=peercred,cn=external,cn=auth
>>>> (...)
>>> But why aren't slapd's DN normalization routines being used here
>>> considering it is slapd which adds that?
> (...)
> slapd is hardcoded to generate DNs in this form for SASL/EXTERNAL over
> ldapi. It's been like this for a long time now, since release 2.2.13.
It doesn't work to use either that DN or gidnumber=0+uidnumber=0,... as
rootdn in OpenLDAP 2.3.4, probably because rootdn does get normalized.
A workaround is to rewrite it to the rootdn with authz-regexp.
--
Hallvard