
Re: rootdn DN is invalid.



Ok, I think I've done that, I have a sasl-regexp like: 

sasl-regexp
     uid=(.*),cn=krbrealm,cn=gssapi,cn=auth
     uid=$1,ou=admin,dc=astro-umich,dc=edu


where the ldapadmin user is the only entry in the admin ou.  Is there 
anything else I need to add?

				-jeremy





On Thu, 22 Jan 2004, Quanah Gibson-Mount wrote:

> 
> 
> --On Thursday, January 22, 2004 4:19 PM -0500 Jeremy Hallum 
> <jhallum@umich.edu> wrote:
> 
> >
> > Trying to use sasl and kerberos V to authenticate the admin user to the
> > database through a service ticket.  I'm having one problem, though,  the
> > server won't start up with the error message:
> >
> > /etc/openldap/slapd.conf: line 115: rootdn DN is invalid
> 
> Jeremy,
> 
> What you need to do is set up something similar to what Stanford does 
> (since we use K5 for this as well).
> 
> Your root DN entity needs to have an entry in the OpenLDAP DB.  Then, you 
> use a sasl-regexp to map that entity to the root DN.
> 
> I can provide more detail if this general idea isn't enough. ;)
> 
> --Quanah
> 
> --
> Quanah Gibson-Mount
> Principal Software Developer
> ITSS/TSS/Computing Systems
> ITSS/TSS/Infrastructure Operations
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
> 
> 

-- 
--
+================================================================+
  Jeremy Hallum, System Manager , Astronomy, University of Michigan
              jhallum@umich.edu::jhallum@dreamt.org
                    "Audentis Fortuna Iuvat"
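
The mapping discussed in this thread, as an added example that is not part of the original messages: a small Python model of how the sasl-regexp above rewrites a SASL authentication DN, and which identities end up equal to the rootdn. The rootdn value, the narrower `[^,]*` rule, the sample DNs and the use of Python's `re` as a stand-in for slapd's regex matching are assumptions.

```python
import re

# The rule from the message above: (match pattern, replacement pattern).
PAGE_RULE = ("uid=(.*),cn=krbrealm,cn=gssapi,cn=auth",
             "uid=$1,ou=admin,dc=astro-umich,dc=edu")
# Narrower variant (assumption, not from the thread): capture stops at a comma.
STRICT_RULE = ("uid=([^,]*),cn=krbrealm,cn=gssapi,cn=auth",
               "uid=$1,ou=admin,dc=astro-umich,dc=edu")
# Assumed rootdn; the thread does not show the actual slapd.conf line.
ROOTDN = "uid=ldapadmin,ou=admin,dc=astro-umich,dc=edu"


def normalize_dn(dn):
    """Lower-case and strip spaces around RDN separators for comparison."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def map_sasl_dn(rules, authc_dn):
    """Return the replacement DN from the first matching rule, else the input."""
    for pattern, replacement in rules:
        m = re.search(pattern, authc_dn, re.IGNORECASE)
        if m:
            # Expand $1..$9 from the captured groups.
            return re.sub(r"\$(\d)", lambda d: m.group(int(d.group(1))), replacement)
    return authc_dn


def is_rootdn(rules, authc_dn, rootdn=ROOTDN):
    """True when the mapped identity is the (assumed) rootdn."""
    return normalize_dn(map_sasl_dn(rules, authc_dn)) == normalize_dn(rootdn)


# Constructed SASL authentication DNs in the form the rule expects.
SAMPLES = [
    "uid=ldapadmin,cn=krbrealm,cn=gssapi,cn=auth",
    "uid=jhallum,cn=krbrealm,cn=gssapi,cn=auth",
    "uid=ldapadmin,cn=otherrealm,cn=gssapi,cn=auth",
    "uid=ldapadmin,ou=people,cn=krbrealm,cn=gssapi,cn=auth",
]

if __name__ == "__main__":
    for dn in SAMPLES:
        for name, rule in (("page", PAGE_RULE), ("strict", STRICT_RULE)):
            print(f"{name:6} {dn} -> {map_sasl_dn([rule], dn)} root={is_rootdn([rule], dn)}")
```

The last sample shows that `(.*)` can capture across RDN boundaries, while the narrower rule leaves that identity unmapped.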