[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: olcAuthzRegexp and SASL

To: <openldap-technical@openldap.org>
Subject: Re: olcAuthzRegexp and SASL
From: Pierangelo Masarati <pierangelo.masarati@polimi.it>
Date: Sat, 8 Jun 2013 17:22:02 +0200
In-reply-to: <1370702404.2101.18.camel@desktop.bpk2.com>
References: <1370702276.2101.16.camel@desktop.bpk2.com> <1370702404.2101.18.camel@desktop.bpk2.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5

On 06/08/2013 04:40 PM, Brendan Kearney wrote:

Sent to early, sorry...

I get the error:

ldapmodify: extra lines at end (line 3, entry "cn=config")

i am guessing that i have to escape the embedded space in the line, or
encapsulate the entire line.  what is the correct why to delete the line
and re-add it correctly?

Presuming you want to delete that value of olcAuthzRegexp and add twonew values, that's not valid LDIF. You need to do something like


dn: cn=config
changetype: modify
delete: olcAuthzRegexp
olcAuthzRegexp: uid=([^,]+),cn=bpk2.com,cn=gssapi,cn=auth
  uid= $1,ou=Users,dc=bpk2,dc=com
-
add: olcAuthzRegexp
olcAuthzRegexp: {0}uid=([^,]*),cn=bpk2.com,cn=gssapi,cn=auth
olcAuthzRegexp: {1}uid=$1,ou=Users,dc=bpk2,dc=com

Note that since olcAuthzRegexp is ordered, you can delete a value bysimply using its number; for example, if the currently present line hasvalue {0}, simply use


dn: cn=config
changetype: modify
delete: olcAuthzRegexp
olcAuthzRegexp: {0}
-
add: olcAuthzRegexp
olcAuthzRegexp: {0}uid=([^,]*),cn=bpk2.com,cn=gssapi,cn=auth
olcAuthzRegexp: {1}uid=$1,ou=Users,dc=bpk2,dc=com

p.


On Sat, 2013-06-08 at 10:37 -0400, Brendan Kearney wrote:

all,

i am working on getting SASL, Kerberos 5, and LDAP working together.  i
buggered an olcAuthzRegexp and need to correct it.  i need to remove the
one in place, and replace it with the corrected version.  below is what
i am trying:

ldapmodify -QY EXTERNAL -H ldapi:///
dn: cn=config
changetype: delete
olcAuthzRegexp: uid=([^,]+),cn=bpk2.com,cn=gssapi,cn=auth uid=
$1,ou=Users,dc=bpk2,dc=com
-
changetype: modify
add: olcAuthzRegexp
olcAuthzRegexp: {0}uid=([^,]*),cn=bpk2.com,cn=gssapi,cn=auth
olcAuthzRegexp: {1}uid=$1,ou=Users,dc=bpk2,dc=com

(note, the first olcAuthzRegexp that is to be deleted should be all on
one line, and that is why it is wrong.  formatting in this message may
change the way it looks.)

the error i get is:



--
Pierangelo Masarati
Associate Professor
Dipartimento di Ingegneria Aerospaziale
Politecnico di Milano

Follow-Ups:
- Re: olcAuthzRegexp and SASL
  - From: Brendan Kearney <bpk678@gmail.com>

References:
- olcAuthzRegexp and SASL
  - From: Brendan Kearney <bpk678@gmail.com>
- Re: olcAuthzRegexp and SASL
  - From: Brendan Kearney <bpk678@gmail.com>

Prev by Date: Re: olcAuthzRegexp and SASL
Next by Date: Re: olcAuthzRegexp and SASL
Index(es):
- Chronological
- Thread