Roberto Polli wrote: > On Wednesday 29 July 2009 18:35:56 you wrote: > >> Roberto Polli wrote: >> >>> On Wednesday 29 July 2009 18:09:17 Rich Megginson wrote: >>> >>>> Does this give any useful information? >>>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Configuring_Directo >>>> ry_ >>>> Databases-Creating_and_Maintaining_Database_Links.html#Creating_and_Main >>>> tain ing_Database_Links-Database_Links_and_Access_Control_Evaluation >>>> >>> I read it more than once..made some slides too >>> http://docs.google.com/present/view?id=dd4mpk7p_10366hxdsmn >>> >>> nonethless I may have made some mistake. >>> >>> what I didn't understood is why - when updating userPassword - the remote >>> server states that >>> >>> >>>> NSACLPlugin - proxied authorization dn is () >>>> >>> instead of >>> >>> >>>> NSACLPlugin - proxied authorization dn is (uid=u1,ou=serv >>>> ice administrators,dc=babel,dc=it) >>>> >>> hope this could clarify a bit my problem.. >>> > > >> Are you using the ldappasswd command to update the password? >> > ldapmodify: > dn: uid=pippo,dc=example,dc=com > changetype: modify > replace: userPassword > userPassword: pippo1242102d32d322d8321p8enxnc093212190cx321 > > > >> You may have to allow that component to chain. >> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Configuring_Directo >> ry_Databases-Creating_and_Maintaining_Database_Links.html#Configuring_the_Ch >> aining_Policy-Chaining_Component_Operations >> > > Even if I don't use SASL, anyway I enabled chaining of PasswordPolicy > controls, but nothing changes. > .. > > but..is it right that in aclplugin.c the function > acl_get_proxyauth_dn( pb, &proxy_dn, &errtext ) > returns proxy_dn = "" ? > It is if there is no proxy auth control being sent. > Peace, > R. > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20090729/0e8c19dc/attachment.bin
