[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL Proxy Authorization
On 06/25/13 18:04 +0530, Vishesh kumar wrote:
Hi Members,
I am trying to get SASL Proxy Authorization in work. GSSAPI authentication
is already in place
++++++++++++
SASL/GSSAPI authentication started
SASL username: admin@LINUXMANTRA.LOCAL
SASL SSF: 56
SASL data security layer installed.
dn:uid=admin,cn=gssapi,cn=auth
++++++++++++++++++++++++++
Do you actually have an entry of uid=admin,cn=gssapi,cn=auth in your tree?
If not, it should map to an actual entry (with authz-regexp), if you are
using authzTo for proxy auth.
But following command giving error
ldapsearch -d 1 -Y GSSAPI -X "uid=vishesh,dc=linuxmantra,dc=local"
-b"dc=linuxmantra,dc=local" -s base
Your -X option should be "dn:uid=vishesh,dc=linuxmantra,dc=local". See the
manpage for ldapsearch, and chapter 15 of the Admin Guide on the website.
I already mentioned "authzTo: dn:uid=vishesh,dc=linuxmantra,dc=local" for
admin DN.
--
Dan White