Am Mon, 29 Sep 2014 00:14:55 +0200
schrieb Ferenc Wagner <wferi(a)niif.hu>:
Ferenc Wagner <wferi(a)niif.hu> writes:
> I've got a partial syncrepl replica, which (among others) misses the
> userPassword attributes of the provider database. I added a pbind
> overlay to the replica, which forwards binds to the provider, thus
> it became possible to do simple binds against the replica. But
> access control on the replica does not honor these binds properly:
> "by users" works, but "by self" does not. Before I waste too
much
> time debugging: is it supposed to work at all? I tested this under
> 2.4.31 with:
>
> dn: olcDatabase={1}mdb,cn=config
> olcAccess: to * by
> dn.exact=gidNumber=119+uidNumber=116,cn=peercred,cn=external,cn=auth
> read by self read by * none olcSyncrepl: rid=1 [...]
>
> The external auth part works, and if I replace self with users, that
> works as well (but is not what I want). Do I expect too much?
Hi,
Would anybody please provide some guidance on this problem?
define an authorization regular expression in order to map sasl auth
string to a DN.
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E