[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Binding to LDAP

To: Theodore Reph <ted@reph.org>
Subject: Re: Binding to LDAP
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 21 Dec 2002 00:42:27 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <629B35334AC03A45B871F3CCDA94160912873D@is1.webservices.internet-stuff.com>
Organization:
References: <629B35334AC03A45B871F3CCDA94160912873D@is1.webservices.internet-stuff.com>

fre, 2002-12-20 kl. 23:17 skrev Theodore Reph:

> When connecting to a ldap server, must  the binddn be the rootdn?

No.

> 
> For example,  
> Ldapsearch -x -w secret -D "cn=Manager,dc=reph,dc=org"

Should work, all things being equal.

> If I add a record to the db that has uid of "Mary" and userPassword
> "secret", shouldn't I be able to connect to the ldap server by doing
> Ldapsearch -x -w secret -D "uid=Mary,dc=reph,dc=org" 

Yes, but it is not wise to use the same password for everyone :-)

> Providing that in the slapd.conf I have
> access to *
> 	by dn="uid=Mary,dc=reph,dc=org" 

This is not normal procedure. First Mary should prove who she is by
authenticating. This she (rather obviously) should be able to do as an
anonymous object.

Secondly, you don't appear to have given Mary any rights.

Best,

Tony

-- 

Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

References:
- Binding to LDAP
  - From: "Theodore Reph" <ted@reph.org>

Prev by Date: Re: Unexpected search latency on indexed field.
Next by Date: slurpd segmentation fault - a desparate call for help
Index(es):
- Chronological
- Thread