[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Getting LDAP and SASL (digest-md5) to play nice
Michael Ströder skrev, on 07-03-2008 11:41:
You need one more attribute there, an operational attribute that you
can add with ldapmodify: authzTo.
No, the authzTo attribute has nothing to do with mapping a SASL identity
to a LDAP entry DN!
It is used for specifying the set of possible authz-DNs for a specific
authc-DN when proxy authorization control is sent along with a LDAP
request by this identity. This is a totally different thing.
Funnily enough this is what I use it for ...
Best,
--Tonni
--
Tony Earnshaw
Email: tonni at hetnet dot nl