
RE: sasl UID mapping



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Paul Jakma

> Find below loglevel 7 output of an ldapmodify consisting of:

By the way, you didn't mention exactly what version of OpenLDAP 2.1 you
installed. 2.1.25 is the latest, with 2.1.26 stewing along.

> Note that if I replace the sasl-regexp in question:
>
> sasl-regexp
>  uid=(.*),cn=(.*),cn=gssapi,cn=auth
>  ldap:///ou=people,dc=jakma,dc=org???krbName=$1@$2

This is not the same regexp you posted before. When you don't specify a scope
it defaults to "base". This regexp would map all usernames to
ou=people,dc=jakma,dc=org, and the attached log shows this is exactly what it
did.

> Jan 18 03:33:26 hibernia slapd[9329]: do_sasl_bind: dn () mech GSSAPI
> Jan 18 03:33:26 hibernia slapd[9329]: ==> sasl_bind: dn=""
> mech=<continuing> datalen=65
> Jan 18 03:33:26 hibernia slapd[9329]: SASL Canonicalize
> [conn=0]: authcid="paul"
> Jan 18 03:33:26 hibernia slapd[9329]: slap_sasl_getdn:
> id=paul [len=4]
> Jan 18 03:33:26 hibernia slapd[9329]: getdn: u:id converted
> to uid=paul,cn=JAKMA.ORG,cn=GSSAPI,cn=auth
> Jan 18 03:33:26 hibernia slapd[9329]: >>> dnNormalize:
> <uid=paul,cn=JAKMA.ORG,cn=GSSAPI,cn=auth>
> Jan 18 03:33:26 hibernia slapd[9329]: <<< dnNormalize:
> <uid=paul,cn=jakma.org,cn=gssapi,cn=auth>
> Jan 18 03:33:26 hibernia slapd[9329]: ==>slap_sasl2dn:
> converting SASL name uid=paul,cn=jakma.org,cn=gssapi,cn=auth to a DN
> Jan 18 03:33:26 hibernia slapd[9329]: slap_sasl_regexp:
> converting SASL name uid=paul,cn=jakma.org,cn=gssapi,cn=auth
> Jan 18 03:33:26 hibernia slapd[9329]: slap_sasl_regexp:
> converted SASL name to
> ldap:///ou=people,dc=jakma,dc=org???krbName=paul@jakma.org
> Jan 18 03:33:27 hibernia slapd[9329]: slap_parseURI: parsing
> ldap:///ou=people,dc=jakma,dc=org???krbName=paul@jakma.org
> Jan 18 03:33:27 hibernia slapd[9329]: >>> dnNormalize:
> <ou=people,dc=jakma,dc=org>
> Jan 18 03:33:27 hibernia slapd[9329]: <<< dnNormalize:
> <ou=people,dc=jakma,dc=org>
> Jan 18 03:33:27 hibernia slapd[9329]: <==slap_sasl2dn:
> Converted SASL name to ou=people,dc=jakma,dc=org
> Jan 18 03:33:27 hibernia slapd[9329]: getdn: dn:id converted
> to ou=people,dc=jakma,dc=org

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support
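
Added example, not part of the original message or of OpenLDAP's code: a small check that expands the quoted sasl-regexp against the SASL name from the log, parses the resulting LDAP URL, and flags the defaulted scope the reply points out. Python's `re` stands in for slapd's regexp matching, the function names are hypothetical, and the `sub` variant assumes a subtree search was intended.

```python
import re

# Constructed from the thread: normalized SASL name from the log, plus the
# pattern and replacement of the quoted sasl-regexp.
SASL_NAME = "uid=paul,cn=jakma.org,cn=gssapi,cn=auth"
PATTERN = r"uid=(.*),cn=(.*),cn=gssapi,cn=auth"
POSTED = "ldap:///ou=people,dc=jakma,dc=org???krbName=$1@$2"
# Assumption: a subtree search was intended; "sub" is the LDAP URL scope keyword.
WITH_SCOPE = "ldap:///ou=people,dc=jakma,dc=org??sub?krbName=$1@$2"


def expand(pattern, replacement, sasl_name):
    """Substitute $1..$9 in the replacement with the pattern's capture groups."""
    m = re.search(pattern, sasl_name)
    if m is None:
        return None
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replacement)


def parse_ldap_url(url):
    """Split ldap:///base?attrs?scope?filter; an empty scope means "base"."""
    if not url.startswith("ldap:///"):
        raise ValueError("not an ldap:/// URL: " + url)
    fields = url[len("ldap:///"):].split("?")
    fields += [""] * (4 - len(fields))
    base, attrs, scope, filt = fields[:4]
    return {"base": base, "attrs": attrs, "scope": scope or "base",
            "scope_explicit": bool(scope), "filter": filt}


def check_mapping(pattern, replacement, sasl_name):
    """Return (parsed URL, warning or None) for one sasl-regexp rule."""
    url = expand(pattern, replacement, sasl_name)
    if url is None:
        return None, "pattern does not match"
    parsed = parse_ldap_url(url)
    warning = None
    if not parsed["scope_explicit"]:
        warning = ("no scope given, defaults to base: all names map to "
                   + parsed["base"])
    return parsed, warning


if __name__ == "__main__":
    for rule in (POSTED, WITH_SCOPE):
        parsed, warning = check_mapping(PATTERN, rule, SASL_NAME)
        print(rule, "->", parsed["scope"], "|", warning or "ok")
```

For the posted rule the expanded URL matches the one in the log, and the warning names the same DN that slap_sasl2dn reports as the conversion result.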