Hi!
I'm playing with mapping the DN of user certificates to (the DN of) LDAP users. Maybe I'm missing something, but it seems OpenLDAP appends the certificate DN to the LDAP context for authentication. That way the names can get really long, just as the olcAuthzRegexp will.
So can anybody give a real-life example of which DN to use for the user certificates? I mean certificate DN, LDAP user context and olcAuthzRegexp.
Kind regards, Ulrich Windl
--On Tuesday, March 18, 2025 10:04 AM +0000 "Windl, Ulrich" <u.windl@ukr.de> wrote:
> Hi!
> I'm playing with mapping the DN of user certificates to (the DN of) LDAP users.
> Maybe I'm missing something, but it seems OpenLDAP appends the certificate DN to the LDAP context for authentication.
> That way the names can get really long, just as the olcAuthzRegexp will.
> So can anybody give a real-life example of which DN to use for the user certificates?
> I mean certificate DN, LDAP user context and olcAuthzRegexp.
There's an example in the OpenLDAP test suite. test068-sasl-tls-external
--Quanah
openldap-technical@openldap.org
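
An offline model of the olcAuthzRegexp mapping asked about in this thread, for checking rules before loading them into slapd. This is an added example, not code from either poster or from test068-sasl-tls-external. All DNs and rules are constructed placeholders, and the identity string passed in is assumed to be the certificate subject DN in LDAP order. Python's `re` stands in for slapd's POSIX extended regex.

```python
import re

# Constructed sample rules in olcAuthzRegexp form: (match regex, replacement).
# All names are placeholders, not taken from the thread or the test suite.
STRICT = [
    (r"^cn=([^,]+),ou=people,o=example corp,c=de$",
     "uid=$1,ou=people,dc=example,dc=com"),
    (r"^cn=([^,]+),ou=services,o=example corp,c=de$",
     "cn=$1,ou=services,dc=example,dc=com"),
]
# Same first mapping written loosely: unanchored, and ".*" can span RDNs.
LOOSE = [(r"cn=(.*),ou=people", "uid=$1,ou=people,dc=example,dc=com")]


def map_identity(subject_dn, rules):
    """Return the authorization DN a subject DN maps to, or None.

    Rules are tried in order and the first match wins. Case-insensitive
    matching is an assumption of this model.
    """
    for pattern, replacement in rules:
        m = re.search(pattern, subject_dn, re.IGNORECASE)
        if m:
            # Expand $1..$9 with the captured groups.
            return re.sub(r"\$(\d)", lambda p: m.group(int(p.group(1))), replacement)
    return None


def lint(pattern):
    """Flag rule patterns that can match more than the intended subject DNs."""
    issues = []
    if not (pattern.startswith("^") and pattern.endswith("$")):
        issues.append("not anchored with ^ and $")
    if re.search(r"\((\.\*|\.\+)\)", pattern):
        issues.append("capture can span RDN boundaries; use [^,]+")
    return issues


if __name__ == "__main__":
    for dn in ("cn=jdoe,ou=people,o=example corp,c=de",
               "cn=backup,ou=services,o=example corp,c=de",
               "cn=jdoe,ou=people,o=other org,c=us"):
        print(dn, "->", map_identity(dn, STRICT), "| loose:", map_identity(dn, LOOSE))
    for pattern, _ in STRICT + LOOSE:
        print(pattern, lint(pattern) or "ok")
```

The third sample DN shows why the match pattern should pin the full issuer-controlled part of the subject: the loose rule maps a certificate from a different organization to the same LDAP user, while the anchored rule returns no mapping.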