On 22/03/10 18:29 +0200, Μανόλης Βλαχάκης wrote:
on the ldapwhoami command i get:
*SASL/GSSAPI authentication started* *SASL username: kadmin/admin@TEIPIR.GR* *SASL SSF: 56* *SASL data security layer installed.* *dn:krb5PrincipalName=kadmin/admin@TEIPIR.GR,ou=kerberos,dc=teipir,dc=gr*
on the other hand without mapping we get :
SASL/GSSAPI authentication started SASL username: kadmin/admin@TEIPIR.GR SASL SSF: 56 SASL data security layer installed. dn:uid=kadmin/admin,cn=gssapi,cn=auth
Looks good.
Do you have an authz-policy set?
with the ACL set : *access to * by * write*
by * read*by * auth*1)i get all the time the value gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth 2)and the uid value remains empty....
That looks like UNIX domain socket via an ldapi connection, by the root user (or a user with UID of 0).
You should probably have a mapping for it as well. I map root to the admin user on my system.