[et-mgmt-tools] [Cobbler] [PATCH] Cleaning up the authn_ldap module
Michael DeHaan
mdehaan at redhat.com
Tue Apr 1 19:26:52 UTC 2008
Bjorn Oglefjorn wrote:
> Issues addressed in the attached patch:
> - allow anonymous or bind'ed searches to obtain a user's full DN
> - allow for a configurable user search prefix (eg: 'uid=', 'cn=',
> etc...)
>
> The following items (and their proposed defaults) are needed in
> /var/lib/cobbler/settings to accommodate this patch:
> ldap_anonymous_bind: 1
> ldap_search_bind_dn: ''
> ldap_search_passwd: ''
> ldap_search_prefix: 'uid='
>
> So if your LDAP server does not allow anonymous binds, you would need
> to set:
> ldap_anonymous_bind: 0
> ldap_search_bind_dn:
> '<full_bind_user_dn_with_full_read_access_to_base_dn>'
> ldap_search_passwd: '<passwd>'
>
> Questions? See me in #cobbler.
>
> --Vito Laurenza
> ------------------------------------------------------------------------
>
> _______________________________________________
> et-mgmt-tools mailing list
> et-mgmt-tools at redhat.com
> https://www.redhat.com/mailman/listinfo/et-mgmt-tools
Applied with some tweaks -- added the new variables to the settings
file, etc.
Thanks!
Vito mentioned on IRC the Wiki is going to be updated with details later
(https://fedorahosted.org/cobbler/wiki/CobblerWithLdap), if anyone with
an LDAP config would like to test this, please do.
The default values in the config file should be right for most installs
(other than the basedn and server), if you need the others they will be
up on the Wiki.
--Michael
More information about the et-mgmt-tools
mailing list