[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL's for SASL compat.

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: ACL's for SASL compat.
From: Marc Heckmann <heckmann@hbesoftware.com>
Date: Sat, 07 Oct 2000 12:38:43 -0400
Cc: openldap-software@OpenLDAP.org
References: <5.0.0.25.0.20001006123019.00a3cbe0@router.boolean.net> <5.0.0.25.0.20001003150536.00a41520@router.boolean.net> <20001003171559.B7227@hbesoftware.com> <5.0.0.25.0.20001003150536.00a41520@router.boolean.net> <20001003205221.A17171@hbesoftware.com> <5.0.0.25.0.20001004085440.00a7be00@router.boolean.net> <5.0.0.25.0.20001004103651.00a30eb0@router.boolean.net> <39DB7DCC.F20B994B@hbesoftware.com> <5.0.0.25.0.20001004143821.00a69960@router.boolean.net> <20001006150945.D7227@hbesoftware.com> <5.0.0.25.0.20001006123019.00a3cbe0@router.boolean.net> <5.0.0.25.0.20001006163403.00a3a570@router.boolean.net>

Ok,

	It got it to work _BUT_ only if I have:

by dn="uid=.+\+realm=schoenberg" write

Could this be a bug? If I use "by dn="uid=testuser\+realm=schoenberg"
write" it fals with the same insufficient access error.. my authzdn in
the trace is clearly "uid=testuser + realm=schoenberg". BTW, -O
maxbufsize=0 does not make a difference for the error when using
"loglevel=1".

	Cheers,

	-Marc

"Kurt D. Zeilenga" wrote:
> 
> At 04:35 PM 10/6/00 -0400, Marc Heckmann wrote:
> >I get a "Can't contact ldap server" error"
> 
> That's a bug which I'm working on fixing... disable layers
> to workaround (e.g.: -O maxbufsize=0).
> 
> >here is the trace:
> >
> >Oct  6 16:31:49 schoenberg slapd[9297]: do_bind
> >Oct  6 16:31:49 schoenberg slapd[9297]: do_sasl_bind: dn () mech DIGEST-MD5
> >Oct  6 16:31:50 schoenberg slapd[9297]: SASL Authorize [conn=1]: "testuser" as "u:testuser"
> >Oct  6 16:31:50 schoenberg slapd[9297]: slap_sasl_bind: username="u:testuser" realm="schoenberg" ssf=128
> >Oct  6 16:31:50 schoenberg slapd[9297]: <== slap_sasl_bind: authzdn: "uid=testuser + realm=schoenberg"

Follow-Ups:
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- ACL's for SASL compat.
  - From: Marc Heckmann <heckmann@hbesoftware.com>
- Re: ACL's for SASL compat.
  - From: Marc Heckmann <heckmann@hbesoftware.com>
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: ACL's for SASL compat.
  - From: Marc Heckmann <heckmann@hbesoftware.com>
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: ACL's for SASL compat.
  - From: Marc Heckmann <heckmann@hbesoftware.com>
- Re: ACL's for SASL compat.
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Server-side sizelimit
Next by Date: Re: Server-side sizelimit
Index(es):
- Chronological
- Thread