Changes

HTTP Basic authentication against OpenLDAP directory

539 bytes added, 10:41, 9 January 2015
/* Modify the ACL's */
access to dn.one="ou=people,dc=stoney-cloud,dc=org"
attrs=entry,objectClass,mail,sstEmployeeOfUID,givenName,sn,sstIsActive,cn,sstBelongsToUID
by dn.exact="cn=cloud,ou=services,ou=administration,dc=stoney-cloud,dc=org" read
by * break
<source lang="bash">
/etc/init.d/slapd restart
</source>
 
== Test the ACLs ==
<source lang="bash">
ldapsearch -H ldaps://ldapm.stoney-cloud.org \
-b "ou=people,dc=stoney-cloud,dc=org" \
-s one \
-D "cn=cloud,ou=services,ou=administration,dc=stoney-cloud,dc=org" \
-z 5 \
-W -x -LLL \
"(&(sstEmployeeOfUID=4000000)(mail=name.surname@example.com))" o sn givenName sstIsActive sstBelongsToUID
</source>
 
<source lang="bash">
Enter LDAP Password:
dn: uid=1000000,ou=people,dc=stoney-cloud,dc=org
givenName: Name
sn: Surname
sstIsActive: TRUE
sstBelongsToUID: 1
</source>
[[Category:OpenLDAP directory]]
Michael
SLB, editor, reviewer
3,407
edits