On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > > I modified the patch to take the search domain from the username %u, for > virtual server environments. > > http://my.fit.edu/~kpierre/lak.c.2.patch > > PS. I am not having luck with the global search ( ie. the current > method, -b "" ), I keep getting object not found although a search under > a specific domain context works ( ie. -b "ou=..." ). >
You are telling openldap to search a wrong backend (among other things, -b"" is used to search rootDSE). > Let me know what you think > I'll integrate the patch and submit it to Rob. -Igor > --Kervin > > > Igor Brezac wrote: > > > > > On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > > > > > > > > Hi, > > > > > > attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d' > > > macro in ldap_search_base option to the domain context derived from the > > > realm '%r'. > > > > > > eg. > > > > > > ldap_search_base: ou=people, %d > > > in saslauthd.conf > > > > > > if realm is 'domain.tld', the ldap search base will expand to > > > 'ou=people,dc=domain,dc=tld' > > > > > > Does imapd always provide the realm in a virtual server environment when > > > authenticating users? Is it safe to assume that the realm is > > > 'domain.tld' or more specifically the domain given to mkimap script? > > > > > > Is this correct/incorrect/unnecessary? > > > > > > > In most cases an organization will have one realm. Realms should not be > > confused with domains. In virtual domain setup, %u will look like > > [EMAIL PROTECTED] and unless you setup a realm, %r will be blank. So, > > %d is not necessary in this case. > > > > > -- Igor
