[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Chain overlay and ACLs

> Knew I was forgetting something :)  Here's the overlay info from the
> slave:
> overlay                 chain
> chain-uri               "ldap://
> chain-idassert-bind bindmethod="simple"
> binddn="cn=ldapChain,o=partner_x,dc=example,dc=net"
>                         credentials="secret"
>                         mode="none"
> #                       mode="self"

The documentation I pointed you to clearly shows that you need to use
mode="self".  Please see slapd-ldap(5) for details on the meaning of those
parameters.  Enabling mode="self" requires the provider to be able to deal
with the proxied authorization control (RFC 4370) in requests.