[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting LDAP and SASL (digest-md5) to play nice



Tony Earnshaw wrote:
Rick Stevens skrev, on 06-03-2008 20:37:

[...]

[root@prophead ~]# ldapsearch -v -w unix__gort -b "ou=people,dc=gbsbilling,dc=com" uid=root
(fluff trimmed)
# root, People, gbsbilling.com
dn: uid=root,ou=People,dc=gbsbilling,dc=com
uid: root
cn: root
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 13938
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /root
gecos: root
userPassword:: dW5peF9fZ29ydA==

You need one more attribute there, an operational attribute that you can add with ldapmodify: authzTo. Did you read your rps2@socal.rr.com mail today? I sent you a link off list to a complete HOWIDIDIT I wrote in 2004.

Yes, I did see it. I'm sorry I didn't respond directly when I got it.

I've got things working more or less at this point.  I'll get the
authzTo thing sorted out tomorrow.

Thanks again for the help.
----------------------------------------------------------------------
- Rick Stevens, Unix Geek                          rps2@socal.rr.com -
-                                                                    -
-     Try to look unimportant.  The bad guys may be low on ammo.     -
----------------------------------------------------------------------