[Date Prev][Date Next] [Chronological] [Thread] [Top]

Readonly user for translucent proxy

To: openldap-technical@openldap.org
Subject: Readonly user for translucent proxy
From: Christoph Berkemeier <christop@physik.tu-berlin.de>
Date: Thu, 02 Dec 2010 18:59:52 +0100
User-agent: Thunderbird 2.0.0.24 (X11/20100623)

Greetings,

i am using an translucent proxy over here on Debian Lenny 64-bit in
version 2.4.11-1+lenny2. The proxy is working fine when i am using the
rootdn configured in my translucent proxy conf. But when i configure a
readonly dn like below, i get only parts of my upstream server.

The readonly is configured like this:
access to *
        by dn="cn=admin,dc=hq,dc=example,dc=com" write
	by dn="uid=tlc,ou=user,dc=example,dc=com" read
        by * read

With this config it should not even be necessary to configure an
additional user, should it?

The overlay is configured like this:
overlay     translucent
translucent_local memberUid
lastmod off
uri         ldaps://ldap.example.com
acl-bind    binddn="uid=tlc,ou=user,dc=example,dc=com"
credentials="verysecret"

Every authenticated dn uses the same binddn and credentials for the
upstream ldap server ldap.example.com, right?

Best Regards,
	Christoph Berkemeier

Prev by Date: Re: OpenLDAP on T2000
Next by Date: OpenLDAP 2.4 authentication methods
Index(es):
- Chronological
- Thread