[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Rewriting the dn

To: Justin Davies <justin@palmcoder.net>
Subject: Re: Rewriting the dn
From: Buchan Milne <bgmilne@obsidian.co.za>
Date: Tue, 15 Jun 2004 13:09:09 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <09D952C5-BEB9-11D8-B7ED-000A956F6812@palmcoder.net>
References: <09D952C5-BEB9-11D8-B7ED-000A956F6812@palmcoder.net>
User-agent: Mozilla Thunderbird 0.6 (X11/20040609)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Justin Davies wrote:
| I am using openldap as a proxy to an NDS ldap server and it seems to be
| working ok.
|
| The problem I have is that NDS will by default only set the dn as
| cn=user,......  I need the dn to be uid=user,.....
|

I am just wondering if this is necessary? What applications are binding
as uid=? If it's just pam_ldap, then you should just be able to do:

pam_login_attribute cn
in /etc/ldap.conf

For nss, you probably need:
#nss_map_attribute uid cn

etc.

If you just want to authenticate unix machines to NDS, you shouldn't
need an openldap doing rewrites, just a recent pam_ldap/nss_ldap.

(of course, further discussion would be off-topic for this list).

Regards,
Buchan

- --
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAztjVrJK6UGDSBKcRAsU9AKDJYRhpX3Xiy+uIYc5OWcSosMxsMgCfVR4f
q2+31LoGlmgO4SQJkBnLUG0=
=9p+U
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Rewriting the dn
  - From: Justin Davies <justin@palmcoder.net>

References:
- Rewriting the dn
  - From: Justin Davies <justin@palmcoder.net>

Prev by Date: Re: Ang. RE: Bdb defaults - WAS: problem importing entries.
Next by Date: Re: Rewriting the dn
Index(es):
- Chronological
- Thread