Re: remote credentials for local branch with authz-regexp

[Marc Patermann <hans.moser@ofd-z.niedersachsen.de>]

Hugo,

Hugo Monteiro schrieb am 23.02.2011 13:22 Uhr:

> I'm using translucent in a local server. That same server also has an 
> extra local database, which is a local only branch of the remote 
> database. This database is a subordinate and they glue together well.
> Now, for the sake of management, i need to be able to identify to the 
> local database (rootdn) but using credentials from the remote database.
> Assuming one has
>
> translucent to remote - dc=example,dc=com
> with remote admin user cn=admin,dc=example,dc=com
>
> local - ou=localbranch,dc=example,dc=com
> with rootdn admin user cn=admin,ou=localbranch,dc=example,dc=com
>
> I tried the follwing on the local server
>
> database        hdb
> suffix          "ou=localbranch,dc=example,dc=com"
> rootdn          "cn=admin,ou=localbranch,dc=example,dc=com"
> rootpw          "secret"
Have you tried

database        hdb
suffix          "ou=localbranch,dc=example,dc=com"
rootdn          "cn=admin,dc=example,dc=com"

? Where cn=admin,dc=example,dc=com is a valid object you can bind to.
You cannot have rootpw here, because "The  password  can  only  be  set 
 if  the  rootdn is within the namingContext (suffix) of the database." 
man slapd.conf


Marc