Hi,

I have a question about a special LDAP setup: I try to use the sock
backend to bind a user that, after a successful bind, has to search on
another backend.

Here is my slapd.conf on OpenLDAP 2.4.11:

access to * by users read

##################BACKEND SOCK#################################################
database                sock
suffix                  "dc=reg-bus-users-local,dc=it"
# capture the requests rewritten by rwm, blocking direct read and write requests

socketpath              /tmp/ldapauthorization.sock


#######################################################################
# ldbm and/or bdb database definitions
#######################################################################

database        bdb
suffix          "dc=tfk,dc=tfkdatastore"
rootdn          "cn=Root,dc=tfk,dc=tfkdatastore"
rootpw          xxxxx

I also made a fake bind in the server listening on the socket ldapauthorization.sock:

if ($request eq "BIND\n") {
      my %req = ();

      print "RESULT\n";
      print "code: 0\n";
      print "matched: cn=fratbrother,dc=reg-bus-users-local,dc=it\n";

}

My ldapsearch is:
ldapsearch -H ldap://localhost:389/ \
  -D "cn=fratbrother,dc=reg-bus-users-local,dc=it" -w xxxx -x \
  -b "dc=tfk,dc=tfkdatastore" "(objectClass=*)" "*"

Result:

ldap_bind: Insufficient access (50)

My goal, if it works, is to make bind = (bind + search attribute) on another
LDAP server, check the validity of the attribute and then respond with a
successful bind; so, a redirected bind with a check on a remote attribute.
Is it possible to do that? Is this the right usage of the sock backend?

PS: I also noted that LDAP does not connect to the socket but responds
directly with "insufficient access".
PS: sorry for the bad English.

Thanks in advance
Stefano Vitali
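
The bind-then-check flow described in the post, as an added example (not the poster's code and not OpenLDAP's own): it parses the BIND request that back-sock writes to the socket, in the format documented in slapd-sock(5), and answers with a RESULT block that fails closed. The `$remote_attr` callback, the `active` attribute value and the sample request are assumptions standing in for the bind and search on the other LDAP server.

```perl
use strict;
use warnings;

# Parse one back-sock request: a verb line, then "key: value" lines.
sub parse_request {
    my ($raw) = @_;
    my ($verb, $rest) = split /\n/, $raw, 2;
    my %req = (verb => $verb // '', suffix => []);
    $rest //= '';
    # cred is credlen raw bytes and may contain a newline, so cut it out
    # by length instead of by line.
    if ($rest =~ /^credlen: (\d+)\ncred: /m) {
        $req{cred} = substr($rest, $+[0], $1);
        $rest = substr($rest, 0, $-[0]);
    }
    for my $line (split /\n/, $rest) {
        next unless $line =~ /^(\w+): (.*)$/;
        if ($1 eq 'suffix') { push @{ $req{suffix} }, $2 }
        else                { $req{$1} = $2 }
    }
    return \%req;
}

sub result { my ($code, $info) = @_; return "RESULT\ncode: $code\ninfo: $info\n" }

# $remote_attr is a hypothetical callback for "bind + search attribute on the
# other LDAP server": it returns the attribute value, or undef on failure.
sub handle_bind {
    my ($req, $remote_attr, $wanted) = @_;
    return result(2,  'expected BIND')    unless $req->{verb} eq 'BIND';
    return result(48, 'simple bind only') unless ($req->{method} // '') eq '128';
    # A DN with an empty password is an unauthenticated bind (RFC 4513) that
    # many servers accept, so reject it here instead of forwarding it.
    return result(49, 'invalid credentials')
        unless defined $req->{dn} && length($req->{cred} // '');
    my $value = eval { $remote_attr->($req->{dn}, $req->{cred}) };
    return result(49, 'invalid credentials')   # fail closed on error or mismatch
        unless defined $value && $value eq $wanted;
    return result(0, 'ok');
}

# Constructed sample request and stub lookup; 'active' is a made-up value.
my $sample = "BIND\nmsgid: 1\nsuffix: dc=reg-bus-users-local,dc=it\n"
           . "dn: cn=fratbrother,dc=reg-bus-users-local,dc=it\n"
           . "method: 128\ncredlen: 4\ncred: xxxx\n\n";
my $stub = sub { my ($dn, $pw) = @_; return $pw eq 'xxxx' ? 'active' : undef };
print handle_bind(parse_request($sample), $stub, 'active');
```

In a listener, `parse_request` is fed the bytes read from one connection on the socket and the string returned by `handle_bind` is written back before the connection is closed.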
