[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Handling slapd.d in OpenLDAP and Kerberos

To: openldap-technical@openldap.org
Subject: Re: Handling slapd.d in OpenLDAP and Kerberos
From: Jaap Winius <jwinius@umrk.nl>
Date: Mon, 10 Jan 2011 10:34:29 +0100
Content-disposition: inline
In-reply-to: <AANLkTimuLyjAKuf0hzEMBX1ys+eXNb4zHXckYtYmr7RZ@mail.gmail.com>
References: <AANLkTimuLyjAKuf0hzEMBX1ys+eXNb4zHXckYtYmr7RZ@mail.gmail.com>
User-agent: Internet Messaging Program (IMP) H3 (4.3.8)

Quoting "sarathkrishna89@gmail.com" <sarathkrishna89@gmail.com>:

For authenticating via OpenLDAP, the principles needs to be rewritten (using
authz-policy and authz-regexp). We know how to do
that in older version of OpenLDAP which had (slapd.conf) but don't know how
to do the same in new OpenLDAP which has slapd.d directory instead.
The manuals also doesn't say anything on this issue.

The switch from slapd.conf to cn=config takes a little getting usedto, plus the migration script may not work for you, but in the end Iproduced a set of procedures that should tell you most of what youwant to know:


  * Integrated Kerberos-OpenLDAP provider on Debian squeeze
    http://www.rjsystems.nl/en/2100-d6-kerberos-openldap-provider.php

  * Integrated Kerberos-OpenLDAP consumer on Debian squeeze
    http://www.rjsystems.nl/en/2100-d6-kerberos-openldap-consumer.php

True, I didn't use Ubuntu in these examples, but I would not besurprised if the procedures were almost identical, certainly withcn=config.


Cheers,

Jaap

References:
- Handling slapd.d in OpenLDAP and Kerberos
  - From: "sarathkrishna89@gmail.com" <sarathkrishna89@gmail.com>

Prev by Date: Re: RE24 testing call #1 (OL 2.4.24)
Next by Date: dynlist overlay searching in a different server
Index(es):
- Chronological
- Thread