[K12OSN] ldap structure
Christopher K. Johnson
ckjohnson at gwi.net
Fri Sep 3 11:47:39 UTC 2004
cliebow at downeast.net wrote:
>david can you tell me if linux ldap will descend into a directory wihin the
>users group??
>
>loke users-1------2004----aluchini
> 1------2005----cliebow
> 1------2006----dtrask
>
>and authenticate..etc/ldap set up to look in users..chuck
>
>
>
It will if you uncomment:
scope sub
in /etc/ldap.conf. That enables the search to include sub-hierarchies,
not just one level or the base entry.
But also make sure ldap.conf specifies correct filter criteria and
attribute for user authentication in order for people's ldap entries to
be found. In other words the default requires that user entries be of
objectclass "account", and that each has a uid attribute used as their
identity when authenticating.
If you turn on some debug logging level in slapd.conf (e.g. 'loglevel
32') and configure putting it somewhere in syslog.conf, then the output
should help you diagnose the problem. See loglevel in 'man slapd.conf'
for details.
Chris
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the K12OSN
mailing list