When we apply the mapping setting as shown below: (sasl regexp)

log_level: -1
pwcheck_method:auxprop saslauthd
mech_list: GSSAPI EXTERNAL LOGIN PLAIN NTLM DIGEST-MD5 CRAM-MD5
auxprop_plugin: slapd
ldapdb_uri:ldaps://10.0.0.12:636/ ldapi:///
ldapdb_id: c...@nspi,,dc=teipir,dc=gr
ldapdb_pw: {SSHA}I3uStTuu03acS7E/Wp85xNBawCqzvgtY
ldapdb_mech: GSSAPI EXTERNAL
ldapdb_starttls: try

On the ldapwhoami command I get:

SASL/GSSAPI authentication started
SASL username: kadmin/ad...@teipir.gr
SASL SSF: 56
SASL data security layer installed.
dn:krb5PrincipalName=kadmin/ad...@teipir.gr,ou=kerberos,dc=teipir,dc=gr

On the other hand, without mapping we get:

SASL/GSSAPI authentication started
SASL username: kadmin/ad...@teipir.gr
SASL SSF: 56
SASL data security layer installed.
dn:uid=kadmin/admin,cn=gssapi,cn=auth

Also, with the ACL set:

access to * by * write
    by * read
    by * auth

1) I get all the time the value gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
2) and the uid value remains empty....

1)
acl_get: [1] attr krb5KeyVersionNumber
Mar 22 18:25:03 proof slapd[23892]: => acl_mask: access to entry "krb5PrincipalName=krbtgt/teipir...@teipir.gr,ou=kerberos,dc=teipir,dc=gr", attr "krb5KeyVersionNumber" requested
Mar 22 18:25:03 proof slapd[23892]: => acl_mask: to value by "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth", (=0)

2)
=> access_allowed: auth access to "krb5PrincipalName=kadmin/ad...@teipir.gr,ou=kerberos,dc=teipir,dc=gr" "uid" requested
Mar 22 18:27:18 proof slapd[23983]: => acl_get: [1] attr uid
Mar 22 18:27:18 proof slapd[23983]: => acl_mask: access to entry "krb5PrincipalName=kadmin/ad...@teipir.gr,ou=kerberos,dc=teipir,dc=gr", attr "uid" requested
Mar 22 18:27:18 proof slapd[23983]: => acl_mask: to value by "", (=0)
Mar 22 18:27:18 proof slapd[23983]: <= check a_dn_pat: *
Mar 22 18:27:18 proof slapd[23983]: <= acl_mask: [1] applying write(=wrscxd) (stop)
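
To see which identity slapd evaluated in ACL traces like the ones quoted above, the `acl_mask` lines can be paired up and the bind DN classified (anonymous, ldapi peercred, unmapped SASL DN, or a directory DN). The Python below is an added example, not part of the original post; the function names are hypothetical and the sample log is constructed on the model of the quoted lines, with placeholder principals.

```python
import re

# Constructed sample modelled on the slapd ACL trace in the post; principals are placeholders.
SAMPLE = '''\
Mar 22 18:25:03 proof slapd[23892]: => acl_mask: access to entry "krb5PrincipalName=krbtgt/EXAMPLE@EXAMPLE,ou=kerberos,dc=example,dc=org", attr "krb5KeyVersionNumber" requested
Mar 22 18:25:03 proof slapd[23892]: => acl_mask: to value by "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth", (=0)
Mar 22 18:25:03 proof slapd[23892]: <= acl_mask: [1] applying write(=wrscxd) (stop)
Mar 22 18:27:18 proof slapd[23983]: => acl_mask: access to entry "krb5PrincipalName=kadmin/admin@EXAMPLE,ou=kerberos,dc=example,dc=org", attr "uid" requested
Mar 22 18:27:18 proof slapd[23983]: => acl_mask: to value by "", (=0)
Mar 22 18:27:18 proof slapd[23983]: <= check a_dn_pat: *
Mar 22 18:27:18 proof slapd[23983]: <= acl_mask: [1] applying write(=wrscxd) (stop)
'''

ENTRY = re.compile(r'=> acl_mask: access to entry "([^"]*)", attr "([^"]*)" requested')
BY = re.compile(r'=> acl_mask: to [\w ]+ by "([^"]*)"')
APPLY = re.compile(r'<= acl_mask: \[(\d+)\] applying (\w+)\(')

def classify(dn):
    """Name the kind of identity slapd evaluated the ACL for."""
    low = dn.lower()
    if not low:
        return "anonymous"            # empty DN: no bind identity reached the ACL
    if low.endswith("cn=peercred,cn=external,cn=auth"):
        return "ldapi-peercred"       # SASL EXTERNAL over ldapi:///, local Unix uid/gid
    if low.endswith(",cn=auth"):
        return "sasl-unmapped"        # SASL DN that no mapping rule rewrote
    return "directory-dn"             # a DN inside the directory tree

def acl_decisions(log):
    """Pair each 'access to entry' line with the identity and the level applied.
    Assumes the trace lines of one check are contiguous (hypothetical helper)."""
    cur, out = None, []
    for line in log.splitlines():
        if m := ENTRY.search(line):
            cur = {"entry": m[1], "attr": m[2]}
        elif cur is not None and (m := BY.search(line)):
            cur.update(who=m[1], kind=classify(m[1]))
        elif cur and "who" in cur and (m := APPLY.search(line)):
            out.append({**cur, "rule": int(m[1]), "level": m[2]})
            cur = None
    return out

def risky(decisions):
    """Decisions where an anonymous identity was granted write or manage."""
    return [d for d in decisions if d["kind"] == "anonymous" and d["level"] in ("write", "manage")]

if __name__ == "__main__":
    for d in acl_decisions(SAMPLE):
        print(d["kind"], d["level"], d["attr"], repr(d["who"]))
```

On the sample, the second check is reported as anonymous with write applied by rule [1], which is what a leading `by * write` clause yields because `*` also matches the empty DN.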