Re: strong bind with back-ldap

Dieter Kluenter wrote:

Hello,

Pierangelo Masarati ando@sys-net.it writes:

...

Dieter Kluenter wrote:

...

Hi,

...

...

| acl-bind | bindmethod=sasl | saslmech=digest-md5 | authcId=admanager | credentials=xxx | #idassert-authzFrom dn.regex:cn=(.*),ou=(*)?dc=dkluenter,dc=de | idassert-bind | bindmethod=sasl | saslmech=digest-md5 | authzId=u:admanager

I got it properly working in the end. acl-bind rules as above

idassert-bind bindmethod=sasl saslmech=digest-md5 authcId=admanager credentials=xxx mode=self

the manual page slapd-ldap is not quite clear about mode parameters, so I was relying on default, thats why I configured authzId=u:admanager.

Sorry for misleading you. I also thought the default was "self". This definitely needs clarification.

Cheers, p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------