Re: LDAP Authentication.
You need a "by anonymous auth" clause, in addition to the "by self read" clause.
Craig
On Mon, 3 Jun 2002, fi-claudemir wrote:
> Hello Friends
>
> I'm trying to understand how to bind and authenticate users in a LDAP Server.
> I imported the users to the LDAP (using migrationtools) and I can authenticate them from all servers (login and FTP) after running the authconfig tool.
> However, when trying to use ACLs I cannot authenticate. Actually I did not understand well how ACLs work.
>
> My NET
> ------------
>
> - There are 5 Linux servers and I'd like to authenticate all users in a LDAP server (SERVER1).
> SERVER1(Ldap) -- SERVER2 -- SERVER3 SERVER4 -- SERVER5
>
> I already have the LDAP tree
> ou=group1,o=mycompany,c=BR
> ou=group2,o=mycompany,c=BR
> ou=group3,o=mycompany,c=BR
> ou=group4,o=mycompany,c=BR
> ou=group5,o=mycompany,c=BR
>
>
> I would like to have different groups in the LdapServer and authenticate them according to the groups.
> So I tried to use the ACLs in the slap.conf
>
> access to dn=".*,ou=group1,o=mycompany,c=BR" by self read
> access to dn=".*,ou=group2,o=mycompany,c=BR" by self read
> access to dn=".*,ou=group3,o=mycompany,c=BR" by self read
> access to dn=".*,ou=group4,o=mycompany,c=BR" by self read
> access to dn=".*,ou=group5,o=mycompany,c=BR" by self read
>
> By using this, I cannot authenticate; however, if I use
> access to dn=".*,ou=group1,o=mycompany,c=BR" by * read
> the authentication works, but for everybody (so I have no protection).
>
> Is my explanation clear?
> Can someone please help me?
>
>
>
> Regards
>
> Claudemir F. Martins
>
>
>
>
--
........................................................................
$Id: mathdeptsysadmin,v 2.0 Mon Jun 3 11:58:24 2002 Craig Squires Exp $
Your excuse is: The vendor put the bug there.
[Excuse courtesy of The BOFH-style Excuse Server: nc riemann excuses]
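
Why the extra clause matters, as a simplified Python model of how slapd evaluates these ACLs (an added example, not part of the original messages and not OpenLDAP code). The entry `uid=alice` and all function names are constructed for illustration; only the `dn=` target and the `self`, `anonymous` and `*` subjects from the thread are modelled.

```python
import re

# Access levels in increasing order of privilege.
LEVELS = ["none", "auth", "compare", "search", "read", "write"]

# Rule lines in the thread's slapd.conf syntax (group1 only).
ORIGINAL = 'access to dn=".*,ou=group1,o=mycompany,c=BR" by self read'
FIXED = ('access to dn=".*,ou=group1,o=mycompany,c=BR" '
         'by self read by anonymous auth')

def parse(line):
    """Split 'access to dn="<regex>" by <who> <level> ...' into parts."""
    target = re.match(r'access to dn="([^"]*)"', line).group(1)
    clauses = re.findall(r'by (\S+) (\S+)', line)
    return re.compile(target, re.I), clauses

def granted(rules, entry_dn, bound_dn):
    """Level granted on entry_dn; bound_dn=None means an anonymous session."""
    for line in rules:
        target, clauses = parse(line)
        if not target.search(entry_dn):
            continue
        # The first matching "by" clause decides.
        for who, level in clauses:
            is_self = bound_dn is not None and bound_dn.lower() == entry_dn.lower()
            if (who == "*" or (who == "anonymous" and bound_dn is None)
                    or (who == "self" and is_self)):
                return level
        return "none"   # implicit trailing "by * none"
    return "none"       # implicit final "access to * by * none"

def allows(rules, entry_dn, bound_dn, needed):
    got = granted(rules, entry_dn, bound_dn)
    return LEVELS.index(got) >= LEVELS.index(needed)

def can_bind(rules, user_dn):
    # During a simple bind the client has no identity yet, so the
    # password comparison is evaluated as anonymous and needs "auth".
    return allows(rules, user_dn, None, "auth")

ALICE = "uid=alice,ou=group1,o=mycompany,c=BR"   # constructed entry
```

With only `by self read`, the bind is refused because `self` cannot match before authentication; with `by anonymous auth` added, the bind succeeds while anonymous sessions still get no read access.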