[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap auth does not works after openldap upgrade

To: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Subject: Re: ldap auth does not works after openldap upgrade
From: Howard Chu <hyc@symas.com>
Date: Wed, 16 Feb 2011 15:29:45 -0800
Cc: openldap-technical@openldap.org
In-reply-to: <20110216121636.GG13985@slab.skills-1st.co.uk>
References: <20110215151309.GE22964@slab.skills-1st.co.uk> <AANLkTi=Fu4WaVX02Kq2MPknrEum2Y6LoYf1DVn4N=yq6@mail.gmail.com> <20110215163018.GD13985@slab.skills-1st.co.uk> <AANLkTimz5SB0AYmHnyGF8oDmUcngiyVYyh15sxnEpN9m@mail.gmail.com> <20110215172026.GE13985@slab.skills-1st.co.uk> <AANLkTinJLZhsjq+-P-CXZpwHdkbPP21vo2Ou5MTv9N7R@mail.gmail.com> <20110215184000.GF13985@slab.skills-1st.co.uk> <AANLkTin6mjH+s-3tprRnv8yKyHopZ2JJohojshVj=4nR@mail.gmail.com> <20110216104327.GG22964@slab.skills-1st.co.uk> <4D5BAC27.6030201@symas.com> <20110216121636.GG13985@slab.skills-1st.co.uk>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b11pre) Gecko/20110130 Firefox/4.0b11pre SeaMonkey/2.1b2pre

Andrew Findlay wrote:

On Wed, Feb 16, 2011 at 02:51:19AM -0800, Howard Chu wrote:

I also suspect that there may not be a valid password set on the
cn=config suffix, so you will not be able to manage the server through
LDAP either.


Since it's starting on ldapi:/// he should just do a SASL EXTERNAL
bind on ldapi:// using Unix root. Pretty sure Debian packages it
with the appropriate authz-regexp already configured.


I don't have a Debian Squeeze server at present so I cannot
check that.

Where is this documented? I am having great trouble finding
any clear description of how to actually access cn=config in
the bootstrap case.

I don't know where Debian documents their bootstrap config, you'll have to askthem.

Similarly I cannot find anything that
clearly describes the use of SASL EXTERNAL with ldapi.


http://tools.ietf.org/html/draft-chu-ldap-ldapi-00

If you can point me at some authoritative statements I will
propose a patch for the Admin Guide.

Andrew


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>

References:
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: ldap auth does not works after openldap upgrade
  - From: Leonardo Carneiro <chesterman86@gmail.com>
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: ldap auth does not works after openldap upgrade
  - From: Leonardo Carneiro <chesterman86@gmail.com>
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: ldap auth does not works after openldap upgrade
  - From: Howard Chu <hyc@symas.com>
- Re: ldap auth does not works after openldap upgrade
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>

Prev by Date: Conflict resolution on Syncrepl
Next by Date: Re: ldap auth does not works after openldap upgrade
Index(es):
- Chronological
- Thread