[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP authenticaton against PAM how-to

Emmanuel Dreyfus wrote:
I could not even find a place where it is said that userPassword should
be {SASL} followed by the login.
The use of this mechanism is not recommended. We don't document deprecated

Then what is the recommended method? I did not find that information. What should go in that field?

Of course you could always have checked the FAQ. http://www.openldap.org/faq/data/cache/944.html

[ACL log output is meaningless]
That was not a flame, just a statement of fact. The same as if the messages
were written in Greek and you didn't know how to read Greek. If you don't
know the language, you're in no position to judge if it is meaningful or not.

Except that I can go to the bookstore and buy a book to learn greek. I'm not aware of any document explaining how to understand what goes wrong in slapd ACL.

You're clearly not aware of a lot. As other posters have already indicated, there's plenty of information out there, and a search on simple keywords like "SASL" and "userpassword" would have been all that was necessary to find the answers in this case.

Your failure to find answers doesn't prove that they don't exist. (Obviously - it's impossible to prove nonexistence of a thing.) If you had asked first, someone might have pointed you in the right direction and saved you a lot of effort.

Show us your ACL configuration, a sample operation, and the logs that are

Now it works, so there is no more problem to solve, but you'll jave the opportunity to show me I'm wrong and tell me where is the relevant information on the next ACL probem I'll encounter.

My statement above was an offer to help explain anything you might want explained. Frankly I have better things to do with my time than try to teach people who are so unwilling to learn. But yes, if you post "Here's how to do X" and I see that there's something wrong, I will say it's wrong. If you're actually interested in learning how to use the software, you'll pay attention. If you're just looking for a gold star and a pat on the head, go back to kindergarten.

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  Chief Architect, OpenLDAP     http://www.openldap.org/project/