[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Referral -> insufficient access
How comes it works (using the same OpenLDAP ldap* tools) with another
directory server?
I cannot manage to find a "-R" option to ldapadd (the one that comes with
OpenLDAP 1.2.6).
Thanks for your help!
Frederic.
At 13:12 2/09/99 -0700, you wrote:
>At 07:12 PM 9/2/99 +0200, Frédéric Poels wrote:
>>I am running slapd 1.2.6 on two AIX machines, replicating from one to
another.
>>Replication works fine wrom Master to Slave. Changes applied to the Master
>>are replicated to the slave. Changes applied to the slave return an
>>"Insufficient access" error.
>
>Changes to the slave should be referred to the master. The
>client should automatically chase this referral. However,
>many clients (including OpenLDAP ldap* tools) do not support
>rebind when simple bind is in use. This is a security feature.
>
>As OpenLDAP 1.x only implements simple bind, all of the
>provided clients do not rebind when chasing referrals.
>
>When using the command line tools which may modify the
>directory, it's best to use the -R option and than manually
>chase the referral by reissuing the command to the
>appropriate server.
>
>You are, of course, welcome to hack up the clients to support
>rebinding... (I would welcome patches that implement rebind
>in a manner that provided adequate transmission of credentials
>to unintended server).
>
>Kurt
>
>