On 22/03/10 18:29 +0200, Μανόλης Βλαχάκης wrote:
on the ldapwhoami command i get:
*SASL/GSSAPI authentication started*
*SASL username: kadmin/[email protected]*
*SASL SSF: 56*
*SASL data security layer installed.*
*dn:krb5PrincipalName=kadmin/[email protected],ou=kerberos,dc=teipir,dc=gr*
*
*
*
*
on the other hand without mapping we get :
SASL/GSSAPI authentication started
SASL username: kadmin/[email protected]
SASL SSF: 56
SASL data security layer installed.
dn:uid=kadmin/admin,cn=gssapi,cn=auth
Looks good.
Do you have an authz-policy set?
+
with the ACL set :
*access to * by * write*
* by * read*
* by * auth*
*
*
1)i get all the time the value
gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
2)and the uid value remains empty....
That looks like UNIX domain socket via an ldapi connection, by the root
user (or a user with UID of 0).
You should probably have a mapping for it as well. I map root to the admin
user on my system.
--
Dan White
