[patch] search domain from %u
Igor Brezac
igor at ipass.net
Tue Oct 15 11:09:37 EDT 2002
On Mon, 14 Oct 2002, Kervin L. Pierre wrote:
>
> I modified the patch to take the search domain from the username %u, for
> virtual server environments.
>
> http://my.fit.edu/~kpierre/lak.c.2.patch
>
> PS. I am not having luck with the global search ( ie. the current
> method, -b "" ), I keep getting object not found although a search under
> a specific domain context works ( ie. -b "ou=..." ).
>
You are telling openldap to search a wrong backend (among other things,
-b"" is used to search rootDSE).
> Let me know what you think
>
I'll integrate the patch and submit it to Rob.
-Igor
> --Kervin
>
>
> Igor Brezac wrote:
>
> >
> > On Mon, 14 Oct 2002, Kervin L. Pierre wrote:
> >
> > >
> > > Hi,
> > >
> > > attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d'
> > > macro in ldap_search_base option to the domain context derived from the
> > > realm '%r'.
> > >
> > > eg.
> > >
> > > ldap_search_base: ou=people, %d
> > > in saslauthd.conf
> > >
> > > if realm is 'domain.tld', the ldap search base will expand to
> > > 'ou=people,dc=domain,dc=tld'
> > >
> > > Does imapd always provide the realm in a virtual server environment when
> > > authenticating users? Is it safe to assume that the realm is
> > > 'domain.tld' or more specifically the domain given to mkimap script?
> > >
> > > Is this correct/incorrect/unnecessary?
> > >
> >
> > In most cases an organization will have one realm. Realms should not be
> > confused with domains. In virtual domain setup, %u will look like
> > username at domain.tld and unless you setup a realm, %r will be blank. So,
> > %d is not necessary in this case.
> >
>
>
>
--
Igor
More information about the Info-cyrus
mailing list