[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL problem -- user accessing own password

Hi Christine,

I'd be interested in your solution since this is the problem I am also faced with when binding to the slave. I would bind as root to the slave and get an LDAP_REFERRAL (10) and my code wouldn't know what to do with it. I had though that I was rebinding to the master "anonymously" but as one person pointed out my client must be smart enough to rebind again with the new information from the referral. I'm using Perldap as the backend to do the webgui/ldap admin stuff. So if you can figure out of coding a smart client of handling this or even an API that'll be great.

Any news will be greatly appreciated.


jan-michael ong

At 11:37 AM 3/7/2002 +1100, you wrote:
Hi John,
        Thanks for your suggestion re checking the binding.  I have
now worked out what's happening, though I'm not sure if LDAP
is doing the right thing or not.  It's due to our setup --
dc=cordoors,dc=com in one directory with refs to dc=au,dc=cordoors,dc=com
dc=xx,dc=cordoors,dc=com ... which are in separate directories.

I am binding fine as me to begin with, but the bind id gets
lost along the way of chasing the references, so that when
it comes to actually getting the record values, it's effectively
anonymous.  Even for the root DN.  I don't know if this is
a bug or not, so I'll ask the list.

Dammit, I *knew* my inital bind was OK, 'cause I was getting
the expected results for wrong passwords etc.  Didn't occur
to me the bind might break along the way.

--Chris Robertson