Re: Getting LDAP and SASL (digest-md5) to play nice

[Rick Stevens <rps2@socal.rr.com>]

Tony Earnshaw wrote:
> Rick Stevens skrev, on 06-03-2008 20:37:
>
> [...]
>
> > [root@prophead ~]# ldapsearch -v -w unix__gort -b 
> > "ou=people,dc=gbsbilling,dc=com" uid=root
> > (fluff trimmed)
> > # root, People, gbsbilling.com
> > dn: uid=root,ou=People,dc=gbsbilling,dc=com
> > uid: root
> > cn: root
> > objectClass: account
> > objectClass: posixAccount
> > objectClass: top
> > objectClass: shadowAccount
> > shadowLastChange: 13938
> > shadowMax: 99999
> > shadowWarning: 7
> > loginShell: /bin/bash
> > uidNumber: 0
> > gidNumber: 0
> > homeDirectory: /root
> > gecos: root
> > userPassword:: dW5peF9fZ29ydA==
>
> You need one more attribute there, an operational attribute that you can 
> add with ldapmodify: authzTo. Did you read your rps2@socal.rr.com mail 
> today? I sent you a link off list to a complete HOWIDIDIT I wrote in 2004.

Yes, I did see it.  I'm sorry I didn't respond directly when I got it.

I've got things working more or less at this point.  I'll get the
authzTo thing sorted out tomorrow.

Thanks again for the help.
----------------------------------------------------------------------
- Rick Stevens, Unix Geek                          rps2@socal.rr.com -
-                                                                    -
-     Try to look unimportant.  The bad guys may be low on ammo.     -
----------------------------------------------------------------------