[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Referral -> insufficient access



How comes it works (using the same OpenLDAP ldap* tools) with another
directory server?
I cannot manage to find a "-R" option to ldapadd (the one that comes with
OpenLDAP 1.2.6).

Thanks for your help!

Frederic.

At 13:12 2/09/99 -0700, you wrote:
>At 07:12 PM 9/2/99 +0200, Frédéric Poels wrote:
>>I am running slapd 1.2.6 on two AIX machines, replicating from one to
another.
>>Replication works fine wrom Master to Slave. Changes applied to the Master
>>are replicated to the slave. Changes applied to the slave return an
>>"Insufficient access" error.
>
>Changes to the slave should be referred to the master.  The
>client should automatically chase this referral.  However,
>many clients (including OpenLDAP ldap* tools) do not support
>rebind when simple bind is in use.  This is a security feature.
>
>As OpenLDAP 1.x only implements simple bind, all of the
>provided clients do not rebind when chasing referrals.
>
>When using the command line tools which may modify the
>directory, it's best to use the -R option and than manually
>chase the referral by reissuing the command to the
>appropriate server.
>
>You are, of course, welcome to hack up the clients to support
>rebinding...  (I would welcome patches that implement rebind
>in a manner that provided adequate transmission of credentials
>to unintended server).
>
>Kurt
>
>