[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: strong bind with back-ldap
Dieter Kluenter wrote:
> Hello,
>
> Pierangelo Masarati <ando@sys-net.it> writes:
>
>> Dieter Kluenter wrote:
>>> Hi,
>
>>> | acl-bind
>>> | bindmethod=sasl
>>> | saslmech=digest-md5
>>> | authcId=admanager
>>> | credentials=xxx
>>> | #idassert-authzFrom dn.regex:cn=(.*),ou=(*)?dc=dkluenter,dc=de
>>> | idassert-bind
>>> | bindmethod=sasl
>>> | saslmech=digest-md5
>>> | authzId=u:admanager
>
> I got it properly working in the end.
> acl-bind rules as above
>
> idassert-bind
> bindmethod=sasl
> saslmech=digest-md5
> authcId=admanager
> credentials=xxx
> mode=self
>
> the manual page slapd-ldap is not quite clear about mode parameters, so
> I was relying on default, thats why I configured authzId=u:admanager.
Sorry for misleading you. I also thought the default was "self". This
definitely needs clarification.
Cheers, p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
---------------------------------------