[Date Prev][Date Next]
Re: AutoFS, GSSAPI, LDAPv3
On Fri, 23 Apr 2004, Patrick Shinpaugh wrote:
> I have implemented an LDAPv3 (Kerberos(GSSAPI), TLS, Cyrus-SASL, and
> OpenLDAP) server which is used for user validation/authentication and
> for automounting of NFS filesystems. To allow autofs 3.1.7 access to the
> LDAP database I was forced to add
> allow bind_v2 bind_anon_dn
> to my slapd.conf file. However, I was wondering if there is a way to set
> up LDAP so I can remove this allow statement and still have autofs able
> to access the automount information stored in the directory. I do have
> ACLs set up but I would rather not depend upon the ACLs alone to prevent
> unauthorized access to the information stored in the LDAP directory.
> If it is possible please let me know how.
Maybe this will help:
There were rumours that the latest autofs-4.1.x releases had merged LDAPv3
support, but I haven't tested yet.
Of course, there are still a few LDAPv2-oly clients around (mozilla for
example - hopefully it will be fixed soon).