Re: LDAP authenticaton against PAM how-to

[manu@netbsd.org (Emmanuel Dreyfus)]

Howard Chu <hyc@symas.com> wrote:

> > (In fact, I was not even able to build it) 
> But you should send feedback about what specific problems you encountered,
> otherwise things will never improve.

Sure, don't worry, when I'll have a useful feedback, I'll have sent it.
I experienced obscure configure issues, and I need to investigate a bit
more to tell you what is wrong.

> > I could not even find a place where it is said that userPassword should
> > be {SASL} followed by the login. 
> The use of this mechanism is not recommended. We don't document deprecated
> mechanisms.

Then what is the recommended method? I did not find that information.
What should go in that field?

[ACL log output is meaningless]
> That was not a flame, just a statement of fact. The same as if the messages
> were written in Greek and you didn't know how to read Greek. If you don't
> know the language, you're in no position to judge if it is meaningful or not.

Except that I can go to the bookstore and buy a book to learn greek. I'm
not aware of any document explaining how to understand what goes wrong
in slapd ACL.

> Show us your ACL configuration, a sample operation, and the logs that are
> produced.

Now it works, so there is no more problem to solve, but you'll jave the
opportunity to show me I'm wrong and tell me where is the relevant
information on the next ACL probem I'll encounter.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org