
Re: [Heimdal PATCH] LDAP backend support for OpenLDAP 2.1.x



On Mon, 2003-05-26 at 18:21, Luke Howard wrote:
> 
> >Well, you do need to patch the hdb-ldap.c file because it has a new call
> >to do an EXTERNAL SASL mechanism to use the local IPC LDAPI interface
> >between the kadmin tool and the slapd backend. (The old OpenLDAP release
> >2.0.x didn't require any bind mechanism to access the LDAP server). It
>                                              ^^^^^^
> 
> Actually, 2.1.x supports anonymous reads, but not anonymous writes (as
> did 2.0.x).
Yes that's much more precise!

> 
> You will also want a SASL regexp to map to the root DN (or some other
> user with appropriate permissions):
> 
> For example:
> 
> sasl-regexp uidNumber=0\\\+gidNumber=0,cn=peercred,cn=external,cn=auth "cn=Directory Manager,dc=sics,dc=se"
> 
Oops, I don't have this mapping in my slapd file, but I do have this:

slapd.conf:

access to dn.base="ou=development,o=test,dc=com,dc=mx"
        by sockurl.exact=ldapi:/// write
        by dn="uid=albertop*" write
        by * read

access to *
        by sockurl.exact=ldapi:/// write
        by dn="uid=albertop*" write
        by * read


-- albertop
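
Added example (not part of the original message, and not Heimdal or OpenLDAP code): a simplified Python model comparing the sockurl-based ACL above with the sasl-regexp mapping Luke quotes, for local peers connecting over ldapi:///. The evaluation model (first matching "by" clause wins, regex-style dn match) and the IDENTITY_ACL policy are assumptions made for illustration.

```python
import re

# Simplified model of two slapd steps (an assumption, not slapd's real code):
# 1) SASL EXTERNAL over ldapi:/// yields a peercred identity DN,
# 2) sasl-regexp may rewrite it, then the first matching "by" clause decides.

def peercred_dn(uid, gid):
    """Identity derived from the Unix socket peer credentials."""
    return f"uidNumber={uid}+gidNumber={gid},cn=peercred,cn=external,cn=auth"

def apply_sasl_regexp(dn, rules):
    """Return the replacement of the first matching rule, else the DN unchanged."""
    for pattern, replacement in rules:
        if re.fullmatch(pattern, dn, re.IGNORECASE):
            return replacement
    return dn

def access_level(by_clauses, bound_dn, listener):
    """First matching clause wins; no match means no access."""
    for kind, value, level in by_clauses:
        if kind == "sockurl.exact" and listener == value:
            return level
        if kind == "dn.regex" and re.search(value, bound_dn, re.IGNORECASE):
            return level
        if kind == "dn.exact" and bound_dn.lower() == value.lower():
            return level
        if kind == "*":
            return level
    return "none"

# Mapping quoted in the thread (regex written with a single escaped '+').
SASL_RULES = [(r"uidNumber=0\+gidNumber=0,cn=peercred,cn=external,cn=auth",
               "cn=Directory Manager,dc=sics,dc=se")]

# The "access to *" clauses from the message above.
SOCKURL_ACL = [("sockurl.exact", "ldapi:///", "write"),
               ("dn.regex", "uid=albertop*", "write"),
               ("*", None, "read")]

# Constructed alternative: write is tied to the mapped identity, not the socket.
IDENTITY_ACL = [("dn.exact", "cn=Directory Manager,dc=sics,dc=se", "write"),
                ("*", None, "read")]

def compare(uid, gid, listener="ldapi:///"):
    """Return (level under SOCKURL_ACL, level under IDENTITY_ACL) for a peer."""
    raw = peercred_dn(uid, gid)
    mapped = apply_sasl_regexp(raw, SASL_RULES)
    return (access_level(SOCKURL_ACL, raw, listener),
            access_level(IDENTITY_ACL, mapped, listener))
```

In this model a non-root local peer (uid 1000) gets write under the sockurl clause but only read once write access depends on the mapped DN, so with the sockurl form the permissions on the ldapi socket file are what limit who can write.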