[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slapd-meta question
> Hi,
>
> can anybody out there point me to useful information/examples/links to
> slapd-meta? All I can find in google is the slapd-meta manpage. I'm
> especially interested in the binddn/pseudodn/rewrite stuff. So far I
> tried to setup a meta directory which queries three different
> directories, but no matter whether I use binddn or pseudodn all I get is
> the attributes allowed for anonymous bind.
pseudorootdn, as discussed in the manpage, is the identity that will be
used, for each remote server, when the client bound as the rootdn of the
proxy:
client meta remote1 remote2 remote3 ...
anonymous anon anon anon anon
user (@remote1) user user anon anon
meta rootdn rootdn pseudoroot1 pseudoroot2 pseudoroot3
It cannot be used to turn anonymous requests into authenticated ones.
Back-ldap has more sophisticated identity mapping capabilities, which,
under some circumstances, may allow to turn anonymous into auth'd
requests, but this is not very well documented, as it is considered bad
practice.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------