Hi,
I have two ldap entries:
dn:cn=me,ou=users,dc=kapott,dc=org objectclass:person cn:me userPassword:...
dn:cn=me,ou=imap,ou=groups,dc=kapott,dc=org objectclass:alias objectclass:extensibleObject aliasedObjectName:cn=me,ou=users,dc=kapott,dc=org cn:me
I can use the first DN to successfully bind to the LDAP server, but not the second one. It would be nice to be able to use "cn=me,ou=imap,ou=groups,dc=kapott,dc=org" as bind DN too, but without duplicating the whole "person" entry with the userPassword.
Is this possible?
Thanks and regards -stefan-
Stefan Palme wrote:
Hi,
I have two ldap entries:
dn:cn=me,ou=users,dc=kapott,dc=org objectclass:person cn:me userPassword:...
dn:cn=me,ou=imap,ou=groups,dc=kapott,dc=org objectclass:alias objectclass:extensibleObject aliasedObjectName:cn=me,ou=users,dc=kapott,dc=org cn:me
I can use the first DN to successfully bind to the LDAP server, but not the second one. It would be nice to be able to use "cn=me,ou=imap,ou=groups,dc=kapott,dc=org" as bind DN too, but without duplicating the whole "person" entry with the userPassword.
According to RFC4511, ...
([RFC4513], Section 5.2). Where the server attempts to locate the named object, it SHALL NOT perform alias dereferencing.
(section 4.2).
p.
openldap-technical@openldap.org
-
Pierangelo Masarati -
Stefan Palme