18 Apr
2022
18 Apr
'22
2:57 p.m.
Quanah Gibson-Mount wrote:
We do something similar at Klarna. Our olcDbIDAssertBind configuration is:
[...]
I would note that we also have a custom patch applied to the OpenLDAP 2.4 series to fix an issue with proxy authorization (It does not fully apply to 2.5+) and ACL evaluation using the wrong identity.
Ok, this was ITS#9179, fixed in OpenLDAP 2.5.1+
Thanks Quanah, will check out this info.
Regards,
-Kartik