[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapdb.c usage: what objectClasses for a proxy entry?

---- Kevin <openldap@gnosys.biz> wrote:
> Hi again, folks:
> According to one of Tony's posts in that thread that I mentioned before
> in the archives at
> http://www.openldap.org/lists/openldap-software/200310/msg00273.html
> the newly added saslAuthzTo attribute(s) should be viewable and
> changeable from a GUI client like GQ after adding it/them with the ldap*
> clients.  I think I added it successfully (used ldapadd with the ldif
> below and got an "action successful" report afterwards and I can't add
> it again because it's already there), but I don't see it when I look at
> the entry using GQ (nor do I see it with ldapsearch for that matter).
> Is this the way it's supposed to be or have I done something wrong here.
> dn: uid=saslproxy,ou=agents,o=gnosysllc.com
> changetype: modify
> add: saslAuthzTo
> saslAuthzTo:ldap://my.server.com/o=server.com??sub?(objectClass=inetOrgPerson)

The saslAuthz attributes are operational attributes. They can be used with any objectclass, and must be requested explicitly in a search in order to view them.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, 
Highland Sun
  Symas: Premier OpenSource Development and