Re: Certificate authentication and back-ldap proxy

2010-12-28 Thread Dieter Kluenter
On Tue, 28 Dec 2010 14:31:46 +, Ubay Dorta Guerra udo...@iac.es wrote: Hi, On 28/12/10 12:00, openldap-technical-requ...@openldap.org wrote: Hi, On Mon, 27 Dec 2010 15:15:21 +, Ubay Dorta Guerra udo...@iac.es wrote: The simple bind under TLS worked but when I

Problem with ACL in 2.4.22

2010-12-28 Thread Nick Milas
Hi, I have upgraded from 2.3.43 to 2.4.22 on CentOS 5.5. Everything works fine, except my ACLs don't work on the new version. Strange results occur. Has anything changed significantly in v2.4 ACLs in comparison to v2.3 ACLs? For example, the following piece of code works as expected in v2.3

Re: Problem with ACL in 2.4.22

2010-12-28 Thread Dieter Kluenter
On Tue, 28 Dec 2010 17:07:17 +0200, Nick Milas n...@eurobjects.com wrote: Hi, I have upgraded from 2.3.43 to 2.4.22 on CentOS 5.5. Everything works fine, except my ACLs don't work on the new version. Strange results occur. Has anything changed significantly in v2.4 ACLs in comparison

Re: Problem with ACL in 2.4.22

2010-12-28 Thread Thierry Lacoste
On 28 Dec. 10, at 16:07, Nick Milas wrote: Hi, I have upgraded from 2.3.43 to 2.4.22 on CentOS 5.5. Everything works fine, except my ACLs don't work on the new version. Strange results occur. Has anything changed significantly in v2.4 ACLs in comparison to v2.3 ACLs? Just a guess.

Re: Problem with ACL in 2.4.22

2010-12-28 Thread Nick Milas
Thank you all for your suggestions, Obviously, what Thierry mentioned was the cause of the problem. After some experiments, I added the following in the beginning of my acl.conf : access to dn.sub=dc=example,dc=com attrs=children,entry by

Kerberos/GSSAPI issues

2010-12-28 Thread Brian Candler
Hello, I'm setting up an openldap server for Kerberos (GSSAPI) authentication only. I'm using slapd-2.4.21 from Ubuntu 10.04.1. It's basically working, and I had to do very little other than change export KRB5_KTNAME in /etc/default/slapd to point to the service keytab. However, there are a

Re: Kerberos/GSSAPI issues

2010-12-28 Thread Brian Candler
Supplementary question: I tried to set minssf so as to require encryption, like this:
    # ldapmodify -Y EXTERNAL -H ldapi:/// <<EOS
    dn: cn=config
    replace: olcSaslRealm
    olcSaslRealm: WS.NSRC.ORG
    -
    replace: olcSaslSecProps
    olcSaslSecProps: noanonymous,noplain,minssf=112
    EOS
Unfortunately I now seem to

Re: Kerberos/GSSAPI issues

2010-12-28 Thread Brian Candler
On Tue, Dec 28, 2010 at 09:26:56AM +, Brian Candler wrote: (1) According to the documentation at http://www.openldap.org/doc/admin24/sasl.html#GSSAPI then the authentication DN should be uid=primary[/instance],cn=realm,cn=gssapi,cn=auth However, running slapd in debug mode I see the

Re: ldap server failover on Kerberos servers?

2010-12-28 Thread Chris Jacobs
As far as OpenLDAP is concerned no. And frankly, I'd be surprised if that made a difference for anything else. Kinda the whole point of the VIP. :) FWIW: I'm not using Kerberos, but all my servers are behind VIPs. - chris Chris Jacobs, Systems Administrator Apollo Group | Apollo Marketing

Re: Kerberos/GSSAPI issues

2010-12-28 Thread Howard Chu
Brian Candler wrote: Hello, I'm setting up an openldap server for Kerberos (GSSAPI) authentication only. I'm using slapd-2.4.21 from Ubuntu 10.04.1. It's basically working, and I had to do very little other than change export KRB5_KTNAME in /etc/default/slapd to point to the service keytab.

Re: Kerberos/GSSAPI issues

2010-12-28 Thread Dieter Kluenter
On Tue, 28 Dec 2010 09:41:33 +, Brian Candler b.cand...@pobox.com wrote: Supplementary question: I tried to set minssf so as to require encryption, like this:
    # ldapmodify -Y EXTERNAL -H ldapi:/// <<EOS
    dn: cn=config
    replace: olcSaslRealm
    olcSaslRealm: WS.NSRC.ORG
    -
    replace: