[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: saslAuthz{To|From}
>Hence, the general, auto dnauthzid form could be simply
> uid=userid,cn=MECH,cn=auth
This would make sense.
FWIW, when I authenticate from a non-local Kerberos realm (off.padl.com)
to a slapd in the local realm (dsg.padl.com) the authorization DN looks
like:
uid=lukeh@off.padl.com,cn=dsg.padl.com,cn=gss-spnego,cn=auth
So I can't see what value "cn=dsg.padl.com" adds as it is always the same.
Anyway, I've changed my regex rules now so I don't mind if it stays
the same :-)
-- Luke