[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: cn=config and authz-regexp

On 11/30/2010 01:37 PM, Hallvard B Furuseth wrote:
Julien Vehent writes:
On my former installation, I have SASL configured using :
authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$"
authz-policy to
password-hash   {CLEARTEXT}

How do I translate this into cn=config directives ?

'man slapd-config' says the attributes are olcAuthzRegexp,
olcAuthzPolicy and olcPasswordHash.

I believe it should be stored into

I the manpage the two first are under GLOBAL CONFIGURATION OPTIONS, so
they should be in the cn=config entry.  olcPasswordHash is under GLOBAL
DATABASE OPTIONS which explains it can be in the frontend entry or the
actual database entry.

Avoid editing the cn=config files directly.  Use ldapmodify, slapadd or
slapmodify to add the directives, that way slapd will do some

Thanks, that did the trick.
I was looking for the relevant documentation source online, but not to the man page.