
Re: Bind dn connection



At 02:28 PM 6/12/2006, Prachi Sonalkar wrote:
>Hi all,
>I am currently setting up LDAP server using OpenLDAP,
>and I need to specify few bind dns, specific to
>various service applications in the organization.
>I need to also set up a limit on number of bind dn
>connections,

I assume you want to limit the number of connections
a particular authentication identity (or, maybe,
authorization identity) may have open to a particular
server.  At present, no such mechanism exists.

>which I am not aware how to do (I tried
>to dig in through the OpenLDAP FAQs)
>I tried to configure ldap.conf with bind dn and bindpw
>values as follows:
>domain  company.com
>server  company.com:389
>BASE    dc=company,dc=com
>binddn  "cn=service1,dc=company,dc=com"
>bindpw  password

domain, server, and bindpw are not valid OpenLDAP
ldap.conf(5) directives.  See ldap.conf(5) for details.

Anyways, OpenLDAP ldap.conf(5) provides defaults for
the LDAP client library.  As it seems to me that you are
looking for some server-side administrative control, I
do not see how this file could be relevant.

>but the specified bind dn and password are not
>accepted to establish a bind to the LDAP server.

Given the above, that's not surprising.

>The idea is to enable authorized services to establish a
>persistent bind connection with the LDAP server;

Seems like you seek information about a particular
directory application/client.  If so, you should
do so on a list about that application/client.

>and
>also limit the number of such bind connections at LDAP
>end.

Regarding server limits, see above note.

>Has someone tried this, and can suggest me what is
>going wrong?
>
>Any help will be appreciated!
>
>Thanks,
>PS.
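
The directive check described in the reply, as an added example that is not part of the original message or of OpenLDAP: it runs the quoted file against ldap.conf(5) directive names. The `KNOWN` and `USER_ONLY` sets are recalled from the manual page and are assumptions to verify against your release; `lint` and `SAMPLE` are hypothetical names.

```python
# Added example: lint an ldap.conf against OpenLDAP ldap.conf(5) directive names.
# Assumption: KNOWN is recalled from the ldap.conf(5) manual page and differs
# between releases; check it against the page shipped with your libldap.
KNOWN = set("""
URI BASE BINDDN DEREF HOST PORT NETWORK_TIMEOUT REFERRALS SIZELIMIT TIMELIMIT
TIMEOUT KEEPALIVE_IDLE KEEPALIVE_PROBES KEEPALIVE_INTERVAL
SASL_MECH SASL_REALM SASL_AUTHCID SASL_AUTHZID SASL_SECPROPS SASL_NOCANON
GSSAPI_SIGN GSSAPI_ENCRYPT GSSAPI_ALLOW_REMOTE_PRINCIPAL
TLS_CACERT TLS_CACERTDIR TLS_CERT TLS_KEY TLS_CIPHER_SUITE TLS_PROTOCOL_MIN
TLS_RANDFILE TLS_REQCERT TLS_CRLCHECK TLS_CRLFILE
""".split())

# Assumption: options the manual page marks "user-only"; they are ignored in
# the system-wide ldap.conf and only honoured in per-user files such as ~/.ldaprc.
USER_ONLY = {"BINDDN", "SASL_AUTHCID", "SASL_AUTHZID", "TLS_CERT", "TLS_KEY"}

# Constructed sample: the configuration quoted in the message above.
SAMPLE = """\
domain  company.com
server  company.com:389
BASE    dc=company,dc=com
binddn  "cn=service1,dc=company,dc=com"
bindpw  password
"""


def lint(text, system_wide=True):
    """Return (line_no, directive, finding) for each line that needs attention."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):   # blank lines and comments
            continue
        name = line.split(None, 1)[0].upper()  # directive names are case-insensitive
        if name not in KNOWN:
            findings.append((line_no, name, "unknown"))
        elif system_wide and name in USER_ONLY:
            findings.append((line_no, name, "user-only"))
    return findings


if __name__ == "__main__":
    for line_no, name, finding in lint(SAMPLE):
        print(f"line {line_no}: {name}: {finding}")
```

With `system_wide=False` the same file is treated as a per-user configuration, so `binddn` is no longer reported.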