[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: saslAuthz failing to *compare*

lør, 06.03.2004 kl. 10.10 skrev Pierangelo Masarati:

> saslAuthzTo: dn.regex:uid=.*,ou=Users,.*,ou=Domains,o=MyOrg,c=US

Just so that it's known: This has solved an *enormous* problem that I
had after upgrading from 2.1.25 to 2.2.x. My old "saslAuthzTo:
cn=.*,dc=billy,dc=demon,dc=nl" didn't work any more, and I had to use a
hugely resource-consuming URI, looking up all objectclass=Person in the
DIT to get saslAuthzTo to work.

Good that it'll be documented in future.

That notwithstanding: I found out by myself that my 2.1.x ACLs didn't
work as expected any more, until I started using "dn.mumble=cn=mumble"
style" (thanks for the new wildcard, Wietse :) ACLs. Now they work much
better and consistently with "intuition" (depending on one's intuition,
I suppose).



mail: billy - at - billy.demon.nl