Roberto Polli wrote:
On Wednesday 29 July 2009 18:35:56 you wrote:Roberto Polli wrote:On Wednesday 29 July 2009 18:09:17 Rich Megginson wrote:Does this give any useful information? http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Configuring_Directo ry_ Databases-Creating_and_Maintaining_Database_Links.html#Creating_and_Main tain ing_Database_Links-Database_Links_and_Access_Control_EvaluationI read it more than once..made some slides too http://docs.google.com/present/view?id=dd4mpk7p_10366hxdsmn nonethless I may have made some mistake. what I didn't understood is why - when updating userPassword - the remote server states thatNSACLPlugin - proxied authorization dn is ()instead ofNSACLPlugin - proxied authorization dn is (uid=u1,ou=serv ice administrators,dc=babel,dc=it)hope this could clarify a bit my problem..Are you using the ldappasswd command to update the password?ldapmodify: dn: uid=pippo,dc=example,dc=com changetype: modify replace: userPassword userPassword: pippo1242102d32d322d8321p8enxnc093212190cx321You may have to allow that component to chain. http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Configuring_Directo ry_Databases-Creating_and_Maintaining_Database_Links.html#Configuring_the_Ch aining_Policy-Chaining_Component_OperationsEven if I don't use SASL, anyway I enabled chaining of PasswordPolicy controls, but nothing changes...but..is it right that in aclplugin.c the function acl_get_proxyauth_dn( pb, &proxy_dn, &errtext )returns proxy_dn = "" ?
It is if there is no proxy auth control being sent.
Peace, R.
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
