|
»
8 principal limitation in nssldap
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
8 principal limitation in nssldap
by rammie2
() ::
Rate this Message:
Hi,
We are using nss_ldap for authenticating users registered in a LDAP server (Open LDAP, Active Directory). After adding 8 principals (/etc/ldap.conf), none of the users registered in the /etc/ldap.conf file are able to login. nss_base_passwd OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname nss_base_shadow OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname nss_base_group OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname Can you please share the reason for this 7 limitation in the nss_ldap library. or how I can fix this issue. I am looking for the header file in the source files whhich has this constant or limitation defined. Tried googling, but it appears that no one has encountered this issue. Some customers of our product are running into this issue and it has become a severity 1 issue to fix. Appreciate any help on this Thanks Ramakanth |
|
|
Re: 8 principal limitation in nssldap
by Douglas E. Engert
::
Rate this Message:
On 3/26/2011 8:37 AM, rammie2 wrote: > > Hi, > > We are using nss_ldap for authenticating users registered in a LDAP server > (Open LDAP, Active Directory). After adding 8 principals (/etc/ldap.conf), > none of the users registered in the /etc/ldap.conf file are able to login. principals? Principals are not added to the /etc/ldap.conf Or do you mean RDN? The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. An RDN is an attribute with an associated value in the form attribute=value; normally expressed in a UTF-8 string format. The following table lists typical RDN attribute types. > > nss_base_passwd > OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname > nss_base_shadow > OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname > nss_base_group > OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname > Have you tried using something like: base DC=someplace,DC=myarea,DC=compname,DC=parentcompname nss_base_passwd OU=engg,DC=mycompany,DC=region, nss_base_shadow OU=engg,DC=mycompany,DC=region, nss_base_group OU=engg,DC=mycompany,DC=region, Don't know it it will help or not. > > Can you please share the reason for this 7 limitation in the nss_ldap > library. or how I can fix this issue. I am looking for the header file in > the source files whhich has this constant or limitation defined. > > Tried googling, but it appears that no one has encountered this issue. Some > customers of our product are running into this issue and it has become a > severity 1 issue to fix. Appreciate any help on this > > Thanks > Ramakanth -- Douglas E. Engert <DEEngert@...> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 |
|
|
Re: 8 principal limitation in nssldap
by rammie2
::
Rate this Message:
Hi
Thanks for the response, sorry I meant RDN's yes we have tried adding the base to the /etc/ldap.conf but the idea is to provide more than 7 nss_base_xxxx support. # The distinguished name of the search tree. base DC=someplace,DC=myarea,DC=compname,DC=parentcompname
7 being a small number, customers are not scale up the number of RDN's. Since it is not documented or expressed as a known issue/bug, I am kind of stuck on this
Please provide any pointers/info related to this. Thanks Ramakanth On 27 March 2011 07:13, Douglas E. Engert <deengert@...> wrote:
|
| Free embeddable forum powered by Nabble | Forum Help |
