Re: Getting LDAP and SASL (digest-md5) to play nice

[Tony Earnshaw <tonni@hetnet.nl>]

Michael Ströder skrev, on 07-03-2008 11:41:

> > You need one more attribute there, an operational attribute that you 
> > can add with ldapmodify: authzTo.
>
> No, the authzTo attribute has nothing to do with mapping a SASL identity 
> to a LDAP entry DN!
>
> It is used for specifying the set of possible authz-DNs for a specific 
> authc-DN when proxy authorization control is sent along with a LDAP 
> request by this identity. This is a totally different thing.

Funnily enough this is what I use it for ...

Best,

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl