[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problems with authentication

To: Douglas Rehg <drehg@fishcicle.com>
Subject: Re: problems with authentication
From: Adam Williams <awilliam@whitemice.org>
Date: 31 Mar 2002 21:57:02 -0500
Cc: OpenLDAP-Software@OpenLDAP.org
In-reply-to: <5.1.0.14.0.20020331073816.00ae8b70@mail.fishcicle.com>
References: <5.1.0.14.0.20020331073816.00ae8b70@mail.fishcicle.com>

> # ldbm access control definitions
> access to attr=userPassword
> 	by self write
> 	by anonymous auth
> 	by dn="cn=Admin,dc=stooges,dc=org" write
> 	by * none
> access to *
> 	by self write
> 	by dn="cn=Admin,dc=stooges,dc=org" write
> 	by users read
> ****************************************************
>In eudora, my settings have me doing my base search on o=stooges.  If I set 

?  Why isn't you base for searches "dc=stooges,dc=org"?

>the access to "defaultaccess to read" in slapd, clients on my windows box 
>can access the ldap server.  But as soon as I set it to the above settings, 
>and try to bind using either uid, or combinations of cn, ou, o, and/or dc 
>and the password, I cannot access.

You have to bind with a DN.  

>Any ideas?  I am also looking hrough the archives to see if I can find an 
>answer...but doesn't hutrt to ask at the same time :)

Allow the attributes the mail clients want to search to be read
anonymously,  that is the easiest way.  All they usually need is cn, sn,
givenname, and mail (usually),  they you don't need to bother with
binding.

Follow-Ups:
- Re: problems with authentication
  - From: Douglas Rehg <drehg@fishcicle.com>

Prev by Date: Re: Weird NSS/PAM Problem
Next by Date: Re: Problem in login?
Index(es):
- Chronological
- Thread