[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP duplication

To: 25Dollar Tech <25dollartechhelp@gmail.com>
Subject: Re: OpenLDAP duplication
From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Date: Mon, 30 Sep 2013 12:09:21 +0100
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <CAL5RqXORmUi_AvGd6cTaeq=8-2fCEjakTZ54=YU7vcGRmwfVAA@mail.gmail.com>
References: <CAL5RqXORmUi_AvGd6cTaeq=8-2fCEjakTZ54=YU7vcGRmwfVAA@mail.gmail.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Mon, Sep 30, 2013 at 01:39:03PM +0400, 25Dollar Tech wrote:

> According to my understanding, LDAP authenticates (binds) with DN (distinguish
> name) and password. E.g. CN=bob, OU=Users,DC=test,DC=com.
> 
> So OpenLDAP allows the same CN in a different OU.

Yes of course - that is how LDAP and X.500 are designed.

>  Is there any option to prevent it. ?

Use the 'unique' overlay:

	http://www.openldap.org/doc/admin24/overlays.html#Attribute%20Uniqueness

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

References:
- OpenLDAP duplication
  - From: 25Dollar Tech <25dollartechhelp@gmail.com>

Prev by Date: Re: separate login/password for several services?
Next by Date: Antw: building SLES packages on openSuSE Build Service
Index(es):
- Chronological
- Thread