[Date Prev][Date Next] [Chronological] [Thread] [Top]

slapd: The reverse of "authz-regexp": From Bind-DN to SASL authentication: Is it possible?

The slapd.conf option "authz-regexp", according to man page is...:

    Used by the authentication framework to convert simple
    user names, such  as  provided  by SASL subsystem, to an
    LDAP DN used for authorization purposes.

I am searching how to do the exact reverse thing, and I haven't found
an option for it. Specifically, I would like to convert the LDAP dn
provided in a simple LDAP bind, to an authentication token (userid,
realm, password) that would be passed to the SASL subsystem for the
purposes of authentication. The SASL subsystem would then be
responsible to do the authentication, just as if SASL authentication
('-Y') were used.

Am I correct in assuming that this functionality currently does not

Alexandros Vellis