LDAP+SASL
Ray Parrish
crp at cmc.net
Fri Feb 20 07:36:36 UTC 2009
Michael Peek wrote:
> Norberto Bensa wrote:
>
>> On Thu, Feb 19, 2009 at 7:26 PM, Michael Peek <peek at tiem.utk.edu> wrote:
>>
>>
>>> sasl-regexp uid=(.*),cn=.*,cn=auth
>>> uid=$1,ou=People,dc=nimbios,dc=org
>>>
>>>
>> You have at least two problems. The first one is sasl-regexp, AFAIK it
>> should be authz-regexp. The second problem is ".*" will match
>> everything and will not work as you expect. You need to tell the
>> regexp when to stop:
>>
>> authz-regexp
>> uid=([^,]*),cn=[^,]*,cn=auth
>> uid=$1,ou=People,dc=nimbios,d=org
>>
>> Also, remember to add "authz-policy to" too.
>>
>> If it continues to fail, increase loglevel in slapd.conf
>>
>>
>> Regards,
>> Norberto
>>
>>
>>
>
> Thanks Norberto.
>
> I've removed the sasl-regexp and added the following:
>
> authz-regexp uid=(.*),cn=[^,]*,cn=auth
> uid=$1,ou=People,dc=nimbios,dc=org
> authz-policy to
>
> Michael
>
Hello,
You guys are talking way over my head, but I did notice one thing.
Compare these two regexp lines that the both of you are using... I
believe that Michael does not have his entered the same as Norberto'
suggestion, as he has missed the negating ^ mark in the first part of
his declaration.
authz-regexp uid=(.*),cn=[^,]*,cn=auth "Michael's entry"
authz-regexp
uid=([^,]*),cn=[^,]*,cn=auth " and this is what Norberto said to do"
I am noticing that Michael's first entry is missing the ^ and the [ ]
pair around it in the first part of the expression.
Could this be the problem?
Later, Ray Parrish
]--
Human reviewed index of links about the computer
http://www.rayslinks.com
Poetry from the mind of a Schizophrenic
http://www.writingsoftheschizophrenic.com/
More information about the ubuntu-users
mailing list