[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3396) slapd crash during SASL Canonicalize

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3396) slapd crash during SASL Canonicalize
From: ando@sys-net.it
Date: Tue, 16 Nov 2004 19:55:30 GMT

Digant C Kasundra wrote:

>>I think I've found the problem, which could be related to a bug in authz
>>mapping in slapd.  I'll fix it in a moment in HEAD; but it can be easily
>>worked around by changing your sasl-regexp directives.  Please try the
>>following and report the result:
>>
>>sasl-regexp "^uid=service/nss/(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
>>        "dn:cn=$1,cn=nss,cn=services,dc=uta,dc=edu"
>>sasl-regexp "^uid=service/(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
>>        "dn:cn=$1,cn=services,dc=uta,dc=edu"
>>sasl-regexp "^uid=(.*),cn=CEDAR\.UTA\.EDU,cn=gssapi,cn=auth$"
>>        "dn:uid=$1,cn=accounts,dc=uta,dc=edu"
>>    
>>
>
>This format works great.  I think I'm good to go.  Thanks for all your
>help, P.
>  
>
In this case, the sasl-regexp is just mapping to a DN, regardless of its 
existence; in the URI case, an internal search is performed, and the 
mapping is successful only if the search succeeds.  Apparently, your DNs 
are mapping to non-existent DNs (which is perfectly legal, though).

p.





    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Prev by Date: Re: (ITS#3396) slapd crash during SASL Canonicalize
Next by Date: Re: (ITS#3395) rw-overlay is not rewriting
Index(es):
- Chronological
- Thread