[Date Prev][Date Next] [Chronological] [Thread] [Top]

cn=config with SASL

To: openldap <openldap-software@OpenLDAP.org>
Subject: cn=config with SASL
From: Eran Leiserowitz <eran.leiserowitz@xeround.com>
Date: Tue, 29 Aug 2006 14:37:29 +0300

Hi,

I've added SASL configuration to the test slapd that I'm using. I've
added the following to the slapd.conf:

disallow bind_simple
disallow bind_anon
sasl-secprops noanonymous
sasl-host localhost

#######################################################################
# BDB database definitions
#######################################################################

I've added a test user using the saslpasswd2 utility. When I'm trying to
access the bdb database, everything seems to be OK. But, when I try to
search the "cn=config" sub tree, I get the following:

ldapsearch -a always -O noanonymous -U erantest@eranl -Y login -w
password -b "cn=schema,cn=config"
SASL/LOGIN authentication started
SASL username: erantest@eranl
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <cn=schema,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 4
result: 50 Insufficient access

# numResponses: 1

Can someone please explain what I'm missing here.

Thanks,
  Eran

Prev by Date: Re: cn=Subschema
Next by Date: Re: cn=Subschema
Index(es):
- Chronological
- Thread