[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    Re: [pamldap] newbie: password change only works with
From:       Hallvard B Furuseth <h.b.furuseth () usit ! uio ! no>
Date:       2005-05-31 13:24:58
Message-ID: hbf.20050531sqxf () bombur ! uio ! no
[Download RAW message or body]

Tony Earnshaw writes:
>tir, 31.05.2005 kl. 00.44 skrev Roman Manz:
>> access to attrs=userPassword
>>        by self write
>>        by anonymous auth
>>        by dn.base="cn=Admin,ou=linux,o=adp,c=de" write
>>        by * none
>
> The base dn is horrible and you'll never be able to do anything with it
> in practice. Get the Admin guide from openldap.org and get the Quick
> start example to work. Understand how a basic dn should be composed
> (think of a DNS FQDN).

Not at all.  As an LDAP DN there is nothing wrong with it.  Using domain
components to construct DNs like dc=foo,dc=bar like you suggest is just
a convention.  Roman's DN follows an older convention.

It's possible that PAM only can handle DNs based on domain components,
but if so the place for that is the PAM documentation.

-- 
Hallvard
[prev in list] [next in list] [prev in thread] [next in thread]