Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Dmitri Pal
On 03/21/2013 09:04 AM, Jan-Frode Myklebust wrote: Serverfault has a hack for supporting nested groups on RHEL5/apache-2.2 involving an LDAP filter using LDAP_MATCHING_RULE_IN_CHAIN on Active Directory, ref: http://serverfault.com/a/424706 Does anybody know if a similar filter can be

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Stephen Gallagher
On 03/21/2013 09:04 AM, Jan-Frode Myklebust wrote: Serverfault has a hack for supporting nested groups on RHEL5/apache-2.2 involving an LDAP filter using LDAP_MATCHING_RULE_IN_CHAIN on Active Directory, ref: http://serverfault.com/a/424706

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Jan-Frode Myklebust
This works: Require ldap-attribute memberof=cn=cactiaccess,cn=groups,cn=accounts,dc=example,dc=net but only if I also provide a username/password for apache to bind as. Doesn't work with unauthenticated binds. -jf

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Dmitri Pal
On 03/22/2013 09:12 AM, Jan-Frode Myklebust wrote: This works: Require ldap-attribute memberof=cn=cactiaccess,cn=groups,cn=accounts,dc=example,dc=net but only if I also provide a username/password for apache to bind as. Doesn't work with unauthenticated binds. -jf Because

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Jan-Frode Myklebust
On Fri, Mar 22, 2013 at 09:59:14AM -0400, Dmitri Pal wrote: Because anonymous binds are rightly turned off by default, They are? I don't think I've ever explicitly turned on anonymous binds, and my directories are open to anonymous searches. The confusing thing is that not all attributes are

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Dmitri Pal
On 03/22/2013 10:20 AM, Jan-Frode Myklebust wrote: On Fri, Mar 22, 2013 at 09:59:14AM -0400, Dmitri Pal wrote: Because anonymous binds are rightly turned off by default, They are? I don't think I've ever explicitly turned on anonymous binds, and my directories are open to anonymous searches.

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Rob Crittenden
Dmitri Pal wrote: On 03/22/2013 10:20 AM, Jan-Frode Myklebust wrote: On Fri, Mar 22, 2013 at 09:59:14AM -0400, Dmitri Pal wrote: Because anonymous binds are rightly turned off by default, They are? I don't think I've ever explicitly turned on anonymous binds, and my directories are open to

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Dmitri Pal
On 03/22/2013 11:01 AM, Rob Crittenden wrote: Dmitri Pal wrote: On 03/22/2013 10:20 AM, Jan-Frode Myklebust wrote: On Fri, Mar 22, 2013 at 09:59:14AM -0400, Dmitri Pal wrote: Because anonymous binds are rightly turned off by default, They are? I don't think I've ever explicitly turned on

Re: [Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-22 Thread Simo Sorce
On Fri, 2013-03-22 at 15:20 +0100, Jan-Frode Myklebust wrote: On Fri, Mar 22, 2013 at 09:59:14AM -0400, Dmitri Pal wrote: Because anonymous binds are rightly turned off by default, They are? I don't think I've ever explicitly turned on anonymous binds, and my directories are open to

[Freeipa-users] ldap-filter, LDAP_MATCHING_RULE_IN_CHAIN, apache 2.2

2013-03-21 Thread Jan-Frode Myklebust
Serverfault has a hack for supporting nested groups on RHEL5/apache-2.2 involving an LDAP filter using LDAP_MATCHING_RULE_IN_CHAIN on Active Directory, ref: http://serverfault.com/a/424706 Does anybody know if a similar filter can be created for an IPA/389ds backend? -jf