Re: [Freeipa-users] bind-dyndb-ldap: using keytabs for auth to ldap

Petr Spacek Wed, 02 Apr 2014 00:45:13 -0700

On 1.4.2014 21:51, Brendan Kearney wrote:

No, it is not.
http://port389.org/wiki/History


ok then.  still, i am trying to learn the individual pieces and get them
working together.


Okay then. I'm attaching SASL mapping configuration we use in FreeIPA.

You can read all the gory details on
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/SASL.html

Please let us know what configuration works for your with OpenLDAP so we canadd this information to bind-dyndb-ldap docs or wiki.


Have a nice day!

--
Petr^2 Spacek

version: 1

dn: cn=mapping,cn=sasl,cn=config
objectClass: nsContainer
objectClass: top
cn: mapping

dn: cn=Full Principal,cn=mapping,cn=sasl,cn=config
objectClass: nsSaslMapping
objectClass: top
cn: Full Principal
nsSaslMapBaseDNTemplate: dc=ipa,dc=example
nsSaslMapFilterTemplate: (krbPrincipalName=\1@\2)
nsSaslMapRegexString: \(.*\)@\(.*\)
nsSaslMapPriority: 10

dn: cn=Name Only,cn=mapping,cn=sasl,cn=config
objectClass: nsSaslMapping
objectClass: top
cn: Name Only
nsSaslMapBaseDNTemplate: dc=ipa,dc=example
nsSaslMapFilterTemplate: (krbPrincipalName=&@IPA.EXAMPLE)
nsSaslMapRegexString: ^[^:@]+$
nsSaslMapPriority: 10

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Re: [Freeipa-users] bind-dyndb-ldap: using keytabs for auth to ldap

Reply via email to