saslauthd, ldap_filter
Igor Brezac
igor at ipass.net
Wed Jun 22 22:59:29 EDT 2005
On Wed, 22 Jun 2005, [UTF-8] Laurent LARQUÃ~HRE wrote:
> Hi
> have you tried a filter with OR (|) ?
This will not work, ldap_filter in his config (auth method = fastbind)
resolves to a dn which is used to bind to the ldap server. I'd use sasl
and let the ldap server decide how to translate username to dn. If this
is not available you need to use bind or custom auth method. See
LDAP_SASLAUTHD included in the distro...
-Igor
> Paul van der Vlis wrote:
>
>> Hello,
>>
>> I have LDAP authentification working via SSL to a Novell server, and I
>> am glad ;-) But OK, a little problem:
>>
>> The users are not all in the same 'container'. When I use:
>> ldap_filter: cn=%u,ou=lrl,o=wlg
>>
>> I can authenticate some uers, but other users need:
>> ldap_filter: cn=%u,ou=ler,o=wlg
>>
>> Is there a way to realise searching with more then one filter?
>>
>> With regards,
>> Paul van der Vlis.
>>
>> btw: my /etc/saslauthd.conf:
>>
>> ldap_servers: ldaps://192.168.10.249/
>> ldap_auth_method: fastbind
>> ldap_tls_cacert_file: /path/to/rootcert.pem
>> ldap_filter: cn=%u,ou=lrl,o=wlg
>>
>> ---
>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
--
Igor
More information about the Info-cyrus
mailing list