[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: strong bind with back-ldap

To: openldap-software@openldap.org
Subject: Re: strong bind with back-ldap
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Tue, 21 Aug 2007 19:12:28 +0200
In-reply-to: <46CAE25B.7020709@sys-net.it> (Pierangelo Masarati's message of "Tue, 21 Aug 2007 15:02:19 +0200")
References: <873aydku44.fsf@magenta.l4b.de> <46CAE25B.7020709@sys-net.it>
User-agent: Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.5 (chestnut, linux)

Hello,

Pierangelo Masarati <ando@sys-net.it> writes:

> Dieter Kluenter wrote:
>> Hi,

>> | acl-bind
>> |         bindmethod=sasl
>> |         saslmech=digest-md5
>> |         authcId=admanager
>> |         credentials=xxx
>> | #idassert-authzFrom dn.regex:cn=(.*),ou=(*)?dc=dkluenter,dc=de
>> | idassert-bind
>> |         bindmethod=sasl
>> |         saslmech=digest-md5
>> |         authzId=u:admanager

I got it properly working in the end.
acl-bind rules as above

idassert-bind
        bindmethod=sasl
        saslmech=digest-md5
        authcId=admanager
        credentials=xxx
        mode=self

the manual page slapd-ldap is not quite clear about mode parameters, so
I was relying on default, thats why I configured authzId=u:admanager.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6

Follow-Ups:
- Re: strong bind with back-ldap
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- strong bind with back-ldap
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: strong bind with back-ldap
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: strong bind with back-ldap
Next by Date: Re: strong bind with back-ldap
Index(es):
- Chronological
- Thread