[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: User restriction
Adam Hough <adam@gradientzero.com> writes:
> On Mon, Jun 7, 2010 at 4:44 AM, Stuart Cherrington <
> stuart_cherrington@hotmail.co.uk> wrote:
[...]
> ldapsearch -x -b 'ou=auth,dc=ldn,dc=sw,dc=com' -h 10.2.250.15 -D cn=
> proxyagent,ou=profile,dc=ldn,dc=sw,dc=com -w xxxxxx
[...]
This search is done with default scope, which is subtree.
> dn: cn=access,ou=auth,dc=ldn,dc=sw,dc=com
> objectClass: groupOfNames
> objectClass: top
> cn: access
> member: uid=stuart,ou=people,dc=ldn,dc=sw,dc=com
[...]
> You can clearly see the first Member line is myself. If I now try:
>
> ldapcompare2.4 -v -x -h 10.2.250.15 -D cn=proxyagent,ou=profile,dc=ldn,dc=
> sw,dc=com -w xxxxxxxx "ou=auth,dc=ldn,dc=sw,dc=com" member:uid=stuart,ou=
> people,dc=ldn,dc=sw,dc=com
[...]
A ldapcompare is done one the base DN.
please compare those two DN's:
ou=auth,dc=ldn,dc=sw;dc=com
cn=access,ou=auth,dc=ldn,dc=sw,dc=com
-Dieter
-
--
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6