[Date Prev][Date Next]
Re: Comparing slapcat output
Howard Chu writes:
>Pierangelo Masarati wrote:
>>> But why aren't slapd's DN normalization routines being used here
>>> considering it is slapd which adds that?
> slapd is hardcoded to generate DNs in this form for SASL/EXTERNAL over
> ldapi. It's been like this for a long time now, since release 2.2.13.
It doesn't work to use either that DN or gidnumber=0+uidnumber=0,... as
rootdn in OpenLDAP 2.3.4, probably because rootdn does get normalized.
A workaround is to rewrite it to the rootdn with authz-regexp.