In a message dated: Tue, 06 Apr 2004 16:06:14 +0200
Peter Marschall said:
>IMHO this is almost impossible to do correcty, and besides it is highly
>un-portable, since other directory server vendors do it differently.
That's what I thought :)
>Better use a configration file on the client side that determines the relation
>between the user's authorisation and the attributes the user is allowed to
>change.
Hmmm, perhaps my client could just parse the slapd.conf file directly then?
That might solve my problem.
>Of course you may also create special LDAP attributes/entries for that
>purpose.
Hmmm, I'm beginning to wonder if editing LDAP directly is even a good
idea. Perhaps I should move all this stuff directly to an RDB and
populate LDAP from that instead :(
>perl-ldap supports SASL authentication.
>Look for SASL in the Net::LDAP man page
Ahh, okay. Thanks!
--
Seeya,
Paul
GPG Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE
If you're not having fun, you're not doing it right!
