[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap server migration issue

Please keep replies on the list.

Naveen.X1.Sarabu@chase.com wrote:

On the current running prod server i have the same settings(acls).
users line is commented but "by * read " should allow users to read
the information.

What I'm trying to tell you is that ACL parsing never gets to that "by * read" because it comes __after__ a commented out line. As such, that "by * read" is either a continuation of the comment or garbage. The fact that on the "current running prod server you have the same settings" is irrelevant.

i am suspecting it some thing to do with password scheme. in ldap all
passwprds are in {CRYPT}. I dont know in OS level what scheme it is
using and how to check?

No, passwords are in whatever hash you created them (default {SSHA}), and {CRYPT} is the worst choice you could make.


Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it