Hi, On the page of ldapi/auto-bind I have found the following paragraph : If "nsslapd-ldapimaptoentries" value is "on", the uid and gid are searched with the filter "(&(uidNumber=<uid>)(gidNumber=<gid>)" under the search base "nsslapd-ldapientrysearchbase". Once a matched entry is found, the client is authenticated as the entry. The uidNumber and gidNumber attribute name are configurable with "nsslapd-ldapiuidnumbertype" and "nsslapd-ldapigidnumbertype", respectively. Password is not necessary in the authentication. What happens if there are serveral entries corresponding to the abovementioned filter? The bind is refused or there is a random bind? Or it will make an anynymous bind? I think this question should be clearly defined (as it is defined in PKI external authentification avec FDS). Andrey Ivanov Direction des Systemes d'Information Ecole Polytechnique 91128 Palaiseau CEDEX France -- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
