>>>>> "Nils" == Nils Olav Sel�sdal <[EMAIL PROTECTED]> writes:
Nils> Am I bound to and dn when i use SASL/GSSAPI ? I get my TGT
Nils> for [EMAIL PROTECTED] and do e.g. a 'ldapsearch -h lfs
Nils> -LLL', who am I now authorized/bound as on the ldap server?
Nils> What I want is that [EMAIL PROTECTED] binds as
Nils> uid=noselasd,ou=People,dc=fiane,dc=intra Some explanations
This is server dependent. For OpenLDAP, you get something like
uid:sasl_name as your identity. For example here is an entry from my
OpenLDAP ACL:
by dn="uid=.*/admin" write
# The admin dn has full write access
by dn="uid=.*/admin" write
So, you are bound to a DN, but it's not really all that distinguished
and probably doesn't exist in your database. This is probably not
ideal.
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
