[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ACLs

To: "'Tomas Maly'" <malyprogservices@flashmail.com>
Subject: RE: ACLs
From: a.brinkman@avades.nl (Alexander Brinkman)
Date: Fri, 16 Mar 2001 09:29:53 +0100
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <3AB1AAF9.3F5567A2@flashmail.com>

> Until the SaslRegExp directive gets used, SASL identities
> have no relation to
> user dn's. uid=steve may be able to write to userPassword under
> "uid=steve,ou=People,dc=sprinter,dc=org", but ldappasswd while being
> authenticated as this identity will result in a error. Using
> SASL/GSSAPI will
> make this statement pointless, but there may be cases when an
> actual dn is
> desired. Such as using the dnattr ACL directive.

Indeed. But for me it's working now. Users who authenticate with SASL now
get write or read permissions on the things they should. Although it would
be nice if there was a real relation between the two. :) When will the
saslregexp directive be generally available? In 2.1?

Grtz,
	Eon.

References:
- Re: ACLs
  - From: Tomas Maly <malyprogservices@flashmail.com>

Prev by Date: RE: ACLs
Next by Date: Re: Objectclass violation
Index(es):
- Chronological
- Thread