VANOLE, MICHAEL J
2014-10-09 13:51:33 UTC
Greetings,
This might be more of an ldap question, but Iâm going to try this list.
I use net ldap to create new users on Sun One Directory v7 (ODSEE), and on openldap.
With ODSEE Iâm able to specify which sasl mechanism I want a user to have like so:
$adduser = $ldap->add( $user_dn,
attr => [
'uid' => $ldap_uid,
'cn' => "$ldap_last_name $ldap_first_name",
'givenname' => $ldap_first_name,
'sn' => $ldap_last_name,
'objectclass' => ['top','person','organizationalPerson','inetorgperson'],
'userpassword' => $userpass,
'nsaccountlock' => 'false',
'supportedsaslmechanisms' => 'cn=default,cn=DIGEST-MD5,cn=identity mapping,cn=config'
]);
With openldap this fails with a message about sasl mechanism can only be applied to rootdse.
I have several supported mechanisms I can choose from. Part of the problem might be I donât know the âcnâ for them as I have above, so I tried this:
$adduser = $ldap->add( $user_dn,
attr => [
'uid' => $ldap_uid,
'cn' => "$ldap_last_name $ldap_first_name",
'givenname' => $ldap_first_name,
'sn' => $ldap_last_name,
'objectclass' => ['top','person','organizationalPerson','inetorgperson'],
'userpassword' => $userpass,
'supportedsaslmechanisms' => 'DIGEST-MD5'
]);
Should this work with openldap if I had the full hierarchy path the the sasl mechanism? What would that be on openldap if so?
Many thanks
Mike
This might be more of an ldap question, but Iâm going to try this list.
I use net ldap to create new users on Sun One Directory v7 (ODSEE), and on openldap.
With ODSEE Iâm able to specify which sasl mechanism I want a user to have like so:
$adduser = $ldap->add( $user_dn,
attr => [
'uid' => $ldap_uid,
'cn' => "$ldap_last_name $ldap_first_name",
'givenname' => $ldap_first_name,
'sn' => $ldap_last_name,
'objectclass' => ['top','person','organizationalPerson','inetorgperson'],
'userpassword' => $userpass,
'nsaccountlock' => 'false',
'supportedsaslmechanisms' => 'cn=default,cn=DIGEST-MD5,cn=identity mapping,cn=config'
]);
With openldap this fails with a message about sasl mechanism can only be applied to rootdse.
I have several supported mechanisms I can choose from. Part of the problem might be I donât know the âcnâ for them as I have above, so I tried this:
$adduser = $ldap->add( $user_dn,
attr => [
'uid' => $ldap_uid,
'cn' => "$ldap_last_name $ldap_first_name",
'givenname' => $ldap_first_name,
'sn' => $ldap_last_name,
'objectclass' => ['top','person','organizationalPerson','inetorgperson'],
'userpassword' => $userpass,
'supportedsaslmechanisms' => 'DIGEST-MD5'
]);
Should this work with openldap if I had the full hierarchy path the the sasl mechanism? What would that be on openldap if so?
Many thanks
Mike