[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access Control Question

To: Tod Thomas <tthomas@chubb.com>
Subject: Re: Access Control Question
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Sat, 04 Dec 1999 20:00:42 -0800
Cc: openldap-software@OpenLDAP.org
In-reply-to: <38399393.F1B42E5B@chubb.com>

Sounds like you changed the syntax of userPassword to binary.
OpenLDAP 1.2 requires it to be 'ces' if hashed passwords are
in use.  (This is actually considered a bug)

At 02:03 PM 11/22/99 -0500, Tod Thomas wrote:
>Does anybody have some good references to help in debugging an access
>control problem?  I have a third party security product that can use
>LDAP to authenticate.  Right now it looks like the only user I can get
>to authenticate is the rootdn, no other users seem to work.  I can see
>the product connecting and performing a search using  a valid filter but
>authentication fails anyway.  I was originally suspect of the security
>software, or the possibility I had not compiled in the correct
>encryption routines.  When I got the rootdn entry to work with its {SHA}
>encrypted password it invalidated that theory.  Any ideas?
>
>Thanks - Tod
>
>

----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>

Follow-Ups:
- Re: Access Control Question
  - From: Tod Thomas <tthomas@chubb.com>

Prev by Date: Re: OpenLDAP as Replica for Netscape Directory Server
Next by Date: Re: ACI troubles.
Index(es):
- Chronological
- Thread