Marc,

> - Configure a rootdn with rootpw for each database. Use this to
> authenticate to slapd and modify things.
> This works? Fine, go on.

Been working for a while.

> - Create a user entry inside your DIT.
> Use this entry as rootdn.
> This works? Fine, go on.
> - Map this user entry from your local unix user with olcAuthzRegexp
> to use with ldapi and EXTERNAL.
> This works? Fine, go on.

I am with you.

> - or make your first steps with ACLs and another user entry.

What do I do here?

> Do you need multiple mappings?

I understand that the config database would allow me to have up to fifty mappings. I just don't understand how those could work for my need.

> As you are one user on your system, this maps to one user in ldap with
> olcAuthzRegexp.
> As Michael already posted:
>
> authz-regexp
> "gidNumber=0\\+uidNumber=0,cn=peercred,cn=external,cn=auth"
> "cn=root,dc=example,dc=com"
>
> uid 0 (from your system) maps to ldap entry cn=root,dc=example,dc=com.

I don't understand how this COULD work. Please explain why admin in DIT 1 would have manage right to DIT 2.

Sincerely,
Igor Shmukler
