Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
I'm trying to set up a very simple slapd that takes incoming requests locally, and forwards them on to a remote server using SASL/GSSAPI to get the information, so that an internal app that doesn't understand SASL/GSSAPI can get the information it needs. I'm trying to configure back-ldap thusly

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
--On Wednesday, February 21, 2007 2:39 PM -0800 Quanah Gibson-Mount <[EMAIL PROTECTED]> wrote: I'm trying to set up a very simple slapd that takes incoming requests locally, and forwards them on to a remote server using SASL/GSSAPI to get the information, so that an internal app that doesn't

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Hallvard B Furuseth
Quanah Gibson-Mount writes:
> suffix "dc=stanford,dc=edu"
> (...)
> /etc/ldap/slapd.conf: line 17: invalid DN 21 (Invalid syntax)

include core.schema, which defines 'dc'.

--
Regards,
Hallvard

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
--On Wednesday, February 21, 2007 11:44 PM +0100 Hallvard B Furuseth <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount writes: suffix "dc=stanford,dc=edu" (...) /etc/ldap/slapd.conf: line 17: invalid DN 21 (Invalid syntax) include core.schema, which defines 'dc'. Yeah. Unfortuna

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
--On Wednesday, February 21, 2007 11:52 PM +0100 Pierangelo Masarati <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: --On Wednesday, February 21, 2007 2:39 PM -0800 Quanah Gibson-Mount <[EMAIL PROTECTED]> wrote: I'm trying to set up a very simple slapd that takes incoming requests

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Pierangelo Masarati
Quanah Gibson-Mount wrote: > > > --On Wednesday, February 21, 2007 11:52 PM +0100 Pierangelo Masarati > <[EMAIL PROTECTED]> wrote: > >> Quanah Gibson-Mount wrote: >>> >>> >>> --On Wednesday, February 21, 2007 2:39 PM -0800 Quanah Gibson-Mount >>> <[EMAIL PROTECTED]> wrote: >>> I'm trying to

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
--On Thursday, February 22, 2007 12:23 AM +0100 Pierangelo Masarati <[EMAIL PROTECTED]> wrote: I have never tested back-ldap with GSSAPI; however, config parsing exploits the slap_bindconf() code that's used throughout slapd (e.g. in syncrepl), and the related SASL bind code was basically a

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Pierangelo Masarati
Quanah Gibson-Mount wrote:
> Sure. Which configuration do you want me to try it with? ;) Here is -d
> -1 with this config:
>
> idassert-bind bindmethod=sasl
>     saslmech=gssapi
>     realm=stanford.edu
>     authcID=service/[EMAIL PROTECTED]
>
> authzID=dn:

Re: Using back-ldap as a dumb proxy

2007-02-21 Thread Quanah Gibson-Mount
--On Thursday, February 22, 2007 12:59 AM +0100 Pierangelo Masarati <[EMAIL PROTECTED]> wrote: Quanah Gibson-Mount wrote: Sure. Which configuration do you want me to try it with? ;) Here is -d -1 with this config: idassert-bind bindmethod=sasl saslmech=gssapi

Re: Using back-ldap as a dumb proxy

2007-02-22 Thread Ralf Haferkamp
On Thursday 22 February 2007 02:51, Quanah Gibson-Mount wrote: > --On Thursday, February 22, 2007 12:59 AM +0100 Pierangelo Masarati > > <[EMAIL PROTECTED]> wrote: > > Quanah Gibson-Mount wrote: > >> Sure. Which configuration do you want me to try it with? ;) Here is -d > >> -1 with this config:

Re: Using back-ldap as a dumb proxy

2007-02-22 Thread Quanah Gibson-Mount
--On Thursday, February 22, 2007 3:17 PM +0100 Ralf Haferkamp <[EMAIL PROTECTED]> wrote: Hm, if I understand you correctly, then you probably want to set "mode=none" in idassert-bind. The following config worked for me with OpenLDAP 2.3.33 proxying to an Active Directory: idassert-authz

Re: Using back-ldap as a dumb proxy

2007-02-22 Thread Quanah Gibson-Mount
--On Thursday, February 22, 2007 10:13 AM -0800 Quanah Gibson-Mount <[EMAIL PROTECTED]> wrote: I re-set this up using my own build of OpenLDAP, and it all works, so something is wrong with the package my co-worker is using. Thanks for the config! :) --Quanah -- Quanah Gibson-Mount Pri