[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Proxy Authorization

To: openldap-software@openldap.org
Subject: Re: Proxy Authorization
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Sun, 27 Sep 2009 18:00:09 +0200
In-reply-to: <4ABD894D.2060107@gmail.com> (Jittinan Suwanrueangsri's message of "Sat, 26 Sep 2009 10:23:57 +0700")
References: <4ABD894D.2060107@gmail.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

Jittinan Suwanrueangsri <jittinan2@gmail.com> writes:

> Hi All
>
> I try configure slapd.conf to support proxy authorization but I can not add
> authzTo attribute to an entry
>
> [root@masterldap ~]# ldapmodify -x -w secret -D "cn=admin,dc=demo,dc=net"
> dn: uid=matt,ou=Users,dc=demo,dc=net
> changetype: add
> authzTo: dn.regex=^uid=[^,]*,ou=Users,dc=demo,dc=net$

this is just wrong, see man ldapmodify(1), it should be

changetype: modify
add: authzTo
authzTo: dn.regex.....

[...]
> I didn't see an authzTo attribute in any openldap schema .How can I fix an
> error?

it is hard coded in servers/slapd/schema_prep.c

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E

References:
- Proxy Authorization
  - From: Jittinan Suwanrueangsri <jittinan2@gmail.com>

Prev by Date: Re: Search fails after adding index
Next by Date: SASL Mech EXTERNAL disabled?
Index(es):
- Chronological
- Thread