On Fri, 2002-04-19 at 21:32, Sam Hartman wrote: > >>>>> "Nils" == Nils Olav Sel�sdal <[EMAIL PROTECTED]> writes: > > Nils> Am I bound to and dn when i use SASL/GSSAPI ? I get my TGT > Nils> for [EMAIL PROTECTED] and do e.g. a 'ldapsearch -h lfs > Nils> -LLL', who am I now authorized/bound as on the ldap server? > Nils> What I want is that [EMAIL PROTECTED] binds as > Nils> uid=noselasd,ou=People,dc=fiane,dc=intra Some explanations > > This is server dependent. For OpenLDAP, you get something like > uid:sasl_name as your identity. For example here is an entry from my > OpenLDAP ACL: > > by dn="uid=.*/admin" write > # The admin dn has full write access > by dn="uid=.*/admin" write > > > So, you are bound to a DN, but it's not really all that distinguished > and probably doesn't exist in your database. This is probably not > ideal. I actually managet to post to this mailing list? I intended to post to the openldap mailing list, sorry. Anyway it seems openldap 2.1 will be able to do what I want...
-- Nils Olav Sel�sdal <[EMAIL PROTECTED]> System Developer, UtelSystems a/s w w w . u t e l s y s t e m s . c o m ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
