[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: custom auth

To: Marten Lehmann <lehmann@cnm.de>
Subject: Re: custom auth
From: Jan-Piet Mens <jpm@retail-sc.com>
Date: Thu, 10 Dec 2009 08:43:29 +0100
Cc: openldap-software@openldap.org
Content-disposition: inline
In-reply-to: <4B1FB12A.30107@cnm.de>
References: <4B1FB12A.30107@cnm.de>
User-agent: Mutt/1.5.17 (2007-11-01)

>
> rootdn          "cn=admin,ou=users,dc=mail"
>
> access to attrs=userPassword
>        by anonymous auth
>        by * none
>
> How do I tell OpenLDAP to authenticate against cn=<login>,ou=users,dc=mail 
> and its userPassword attribute?

You don't.  You've got the wording a bit wrong. :-) Your configuration
will allow an LDAP client to authenticate against this OpenLDAP instance
with a user defined in your directory. Supposing you have an entry

        dn: cn=mta,ou=users,dc=mail
        cn: mta
        userPassword: <something>
        objectclass: person
        sn: mta

What you probably want to do is to tell your LDAP client (your MTA?) to
bind to OpenLDAP as "cn=mta,ou=users,dc=mail" with that entry's
password.

        -JP

Follow-Ups:
- Re: custom auth
  - From: Marten Lehmann <lehmann@cnm.de>

References:
- custom auth
  - From: Marten Lehmann <lehmann@cnm.de>

Prev by Date: searching for attributes without index in 2.4.19 with bdb 4.5
Next by Date: Re: unexpected userPassword content
Index(es):
- Chronological
- Thread