[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: objectClass for bindDN

To: Dave Horsfall <daveh@ci.com.au>
Subject: Re: objectClass for bindDN
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 16 Jan 2003 18:22:21 +0100
Cc: OpenLDAP Software List <openldap-software@OpenLDAP.org>
In-reply-to: <20030116113807.M4955-100000@mippet.ci.com.au>
References: <20030116113807.M4955-100000@mippet.ci.com.au>

Dave Horsfall writes:
> What sort of objectClass do people generally use for the bindDN?
> We're using extensibleObject (set up by my predecessor)

I've used organizationalRole + simpleSecurityObject (for "Manager"),
person (for a personal name) or account + simpleSecurityObject (for a
username).  The simpleSecurityObject and person object classes allow the
userPassword attribute.

Or I've just used rootdn and rootpw in slapd.conf, with no corresponding
entry in the directory.

> and I'm seeing obscure problems such as the userPassword attribute not
> being copied during a sync (not a replication).

There have been problems with extensibleObject until recently (OpenLDAP
2.1.10 or something), but I can't imagine how that one would happen.
Still, it might help to upgrade to the latest release.

-- 
Hallvard

Follow-Ups:
- Re: objectClass for bindDN
  - From: Dave Horsfall <daveh@ci.com.au>

References:
- objectClass for bindDN
  - From: Dave Horsfall <daveh@ci.com.au>

Prev by Date: Re: how to check uniqueness of uidNumber ?
Next by Date: Re: test fails for version 2.0.27
Index(es):
- Chronological
- Thread