[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Re-investigating ppolicy + chain issues on a consumer: chain configuration

Siddhartha Jain <sjain@silverspringnet.com> writes:

> I am still stuck at the same place where a chained consumer allows a
> client to auth with a bad password. Remove chaining and bad passwords
> are no longer accepted.
> To troubleshoot from scratch, I am curious about how chaining should
> be configured in the new ldif-based configuration scheme?
> Interestingly, it creates two "ldap" databases for a single "chain"
> overlay. Can someone please explain why/how is this so? Why does
> chaining go to "frontend" db instead of being under the database that
> is chained? I tried to create the "ldap" databases under a "bdb"
> database but OpenLDAP won't allow that.

Two databases are created because chain in principle is a ldap backend
plus additonal chaining configuration options.


Dieter Klünter | Systemberatung
sip: +49.40.20932173