[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: identity assertion



> On Sat, 21 Jan 2006, Pierangelo Masarati wrote:
>
>>authorization and SASL are orthogonal.  Without mucking with SASL, you
>>can use:
>>
>>ldapsearch -x -W -D cn=authorizeduser,dc=test \
>>        -e '!authzid=dn:cn=config,dc=test'
>>
>>this causes the tool to use the proxyAuthz control on that operation
>>(the '!' is because the control MUST be critical).
>
> Ah!  That's exactly what I've been looking for.
>
> I suppose if I had just checked the ldapsearch command-line help I would
> have seen that but I had been relying on the man page.
>
> Thanks so much!

Yes, I also noticed that the man page is lagging behind (this is one of
the controls that all tools share, so I guess we should provide a
ldaptools(1) man page which is referenced by each tool specific page, to
avoid duplications and inconsistencies).  Feel free to sumbit an ITS
(maybe with a patch? :)

p.



Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------