[Date Prev][Date Next]
Re: authenticating from netscape, take 2
If I understand correctly, the "entry" "attribute" refers to the whole record,
not exclusively to the DN. Read Acces to "entry" is required to look at the
record to see what attributes are present and then individual attribute access
rights are evaluated to see if you are allowed to see the value of each
attribute. I haven't red the code but this is what I found from experimenting
with acls. I'm sure Kurt will correct me if I'm wrong.
Jens Vagelpohl wrote:
> well, to be honest, this document on netscape's site that the FAQ refers to
> is not really all that helpful. i had found about the fact that netscape
> sends the email address to retrieve the DN from the mailing list archives.
> my biggest snag to get any data out of the LDAP server from netscape was the
> fact that i simply didn't know that the DN is called "entry" when i want to
> refer to it in the authentication. i didn't see that in the ACL section of
> the docs at all.
> other than that my next problem, getting the full dataset after
> double-clicking on an entry in the list of matches, seems to have a netscape
> problem. i upgraded from 4.72/Mac to 4.75/Mac and suddenly that works as
> i am going to add all this stuff (and *really* explain netscape's data
> retrieval sequence) to the FAQ-O-Matic.
> on 10/20/00 19:36, Kurt D. Zeilenga at Kurt@OpenLDAP.org wrote:
> > At 03:10 PM 10/20/00 -0400, Jens Vagelpohl wrote:
> >> next step is actually retrieving the full set of data. i did see one mailing
> >> where a guy described the same problem: when you double-click on the listed
> >> entry netscape goes back to the ldap server to retrieve the full entry.
> >> BUT... it binds anonymously again, so all i get is the DN and nothing else.
> >> searching the mailing list further provided no clue.
> > Try the FAQ. It provides a number of Netscape specific answers
> > (you are welcomed to additional ones). In particular,
> > "How to customize LDAP settings in Netscape Communicator?"
> > <http://www.openldap.org/faq/index.cgi?file=138> provides a
> > reference to the Netscape document detailing their use of
> > LDAP.
Patrick Timmons, service informatique