Hi there.
I have a question related to the use of mod_auth_ldap and I was
wondering if what I'm trying to achieve is possible.
I have recently moved to a MacOS 10.6 server which uses
"OpenDirectory" which is based on OpenLDAP but they obviously have
added some tricked here and there.
A user in OpenDirectory can have a login alias.
This is stored in active directory as follow:
# jeanyves_avenard, users, m.domain.com
dn: uid=jeanyves_avenard,cn=users,dc=m,dc=domain,dc=com
uid: jeanyves_avenard
uid: jean-yves.avenard
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: apple-user
objectClass: extensibleObject
objectClass: organizationalPerson
objectClass: top
objectClass: person
The first uid is what they call the primary "shortname".
Each uid within that entry, is an alias to the primary shortname. You
can pretty much do everything using any of those alias, from login,
email, the lot. If you log with an alias, the authentication used is
the primary uid ; and this is what you access will see ; as if all you
used with the primary uid
I would like to reproduce a similar behaviour on a plain vanilla
apache server, using mod_auth_ldap
something that would be similar to a ldap regex:
&(uid=(.*))("uid=$1,cn=users,dc=m,dc=domain,dc=com")
(not too sure about that one, I just made it up)
Any ideas if it can be done?
Thank you
Jean-Yves
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|