[jira] Created: (DIRSERVER-945) <!-- The base DN containing
Emmanuel Lecharny (JIRA)




 
05-26-07 12:11 AM


<!-- The base DN containing users that can be SASL authenticated.       -->
searchBaseDn value defaults to a non-existent DN in the default ADS
----------------------------------------------------------------------------

Key: DIRSERVER-945
URL: https://issues.apache.org/jira/browse/DIRSERVER-945
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.0
Reporter: Emmanuel Lecharny
Assigned To: Enrique Rodriguez


When launching the server without any configuration, each bind request produces an exception because the ConfigureChain is looking for a searchBaseDn entry, which defaults to "ou=users,dc=example,dc=com" in server.xml:
<!-- The base DN containing users that can be SASL authenticated.       -->
<property name="searchBaseDn" value="ou=users,dc=example,dc=com" />

There are two problems with this value:
- this DN does not exist in the DIT, so the lookup will always fail
- when using SIMPLE authentication, the server should *not* issue a lookup for this DN, which is dedicated to SASL, AFAIK.

Note that the documentation is not clear about what this searchBaseDN is:
"The single location where entries are stored. The definition of "entries" depends on the protocol. For example, for LDAP, Kerberos, and Change Password, entries are users for purposes of authentication. For DNS, entries are resource records. If this property is not set the store will search the system partition configuration for catalog entries. Catalog support is highly experimental and is only tested in the OSGi build of ApacheDS using the Config Admin service."

We are using partitions to store data. "ou=system" is one of those partitions, "dc=example, dc=com" is another one, but as partitions should *not* overlap, "ou=users,dc=example,dc=com" can't be a partition. Of course, *if* this is a partition, which is not clear to me reading the above explanation.

It would be good to improve this part of the doco for better clarity.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
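
An added example, not part of the original message or of the ApacheDS code base: a small offline check that reads the searchBaseDn property from a server.xml fragment and relates it to the partition suffixes named in the report. The `<bean>` wrapper, its id, and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <bean> wrapper and its id are hypothetical; the
# <property> line is the server.xml default quoted in the report.
SAMPLE_XML = """<bean id="exampleLdapConfiguration">
  <!-- The base DN containing users that can be SASL authenticated. -->
  <property name="searchBaseDn" value="ou=users,dc=example,dc=com" />
</bean>"""

# Partition suffixes named in the report.
PARTITIONS = ["ou=system", "dc=example, dc=com"]

def split_dn(dn):
    """Split a DN into normalized (attribute, value) RDNs.

    Honors backslash-escaped commas. Simplifications (assumptions): values
    are compared case-insensitively and multi-valued RDNs are not split.
    """
    parts, cur, escaped = [], [], False
    for ch in dn:
        if not escaped and ch == ",":
            parts.append("".join(cur))
            cur = []
            continue
        escaped = (ch == "\\") and not escaped
        cur.append(ch)
    parts.append("".join(cur))
    return [tuple(p.strip().lower() for p in rdn.partition("=")[::2]) for rdn in parts]

def read_search_base(xml_text):
    """Return the searchBaseDn property value from a config fragment, or None."""
    for prop in ET.fromstring(xml_text).iter("property"):
        if prop.get("name") == "searchBaseDn":
            return prop.get("value")
    return None

def classify(search_base, suffixes):
    """Relate a search base to the configured partition suffixes."""
    base = split_dn(search_base)
    for suffix in suffixes:
        suf = split_dn(suffix)
        if base == suf:
            return ("partition-suffix", suffix)
        if len(base) > len(suf) and base[-len(suf):] == suf:
            return ("inside-partition", suffix)
    return ("no-partition", None)

if __name__ == "__main__":
    print(classify(read_search_base(SAMPLE_XML), PARTITIONS))
```

A result of "inside-partition" only shows that a partition covers the DN; whether the entry itself exists in the DIT still has to be confirmed with a lookup against the running server.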






