Build Environment
Deleted broken LBER_INVALID macro (ITS#6402)
Fixed test058 kill usage (ITS#6420)
+ Fixed meta regression test (ITS#6418)
+ Documentation
+ slapd-meta(5) Note deprecated functions (ITS#6424)
OpenLDAP 2.4.20 Release (2009/11/27)
Fixed client tools with LDAP options (ITS#6283)
This directive, when set to
.BR yes ,
causes the authentication to the remote servers with the pseudo-root
-identity to be deferred until actually needed by subsequent operations.
+identity (the identity defined in each
+.B idassert-bind
+directive) to be deferred until actually needed by subsequent operations.
Otherwise, all binds as the rootdn are propagated to the targets.
.TP
.TP
.B pseudorootdn "<substitute DN in case of rootdn bind>"
-This directive, if present, sets the DN that will be substituted to
-the bind DN if a bind with the backend's "rootdn" succeeds.
-The true "rootdn" of the target server ought not be used; an arbitrary
-administrative DN should used instead.
+Deprecated; use
+.B idassert\-bind
+instead.
.TP
.B pseudorootpw "<substitute password in case of rootdn bind>"
-This directive sets the credential that will be used in case a bind
-with the backend's "rootdn" succeeds, and the bind is propagated to
-the target using the "pseudorootdn" DN.
-
-Note: cleartext credentials must be supplied here; as a consequence,
-using the pseudorootdn/pseudorootpw directives is inherently unsafe.
+Deprecated; use
+.B idassert\-bind
+instead.
.TP
.B rewrite* ...
echo "Using ldapsearch to retrieve all the entries..."
$LDAPSEARCH -S "" -b "$METABASEDN" -h $LOCALHOST -p $PORT3 \
- 'objectClass=*' > $SEARCHOUT 2>&1
+ '(objectClass=*)' > $SEARCHOUT 2>&1
RC=$?
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "Filtering original ldif used to create database..."
. $LDIFFILTER < $METACONCURRENCYOUT > $LDIFFLT
echo "Comparing filter output..."
-$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+$BCMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - slapd-meta search/modification didn't succeed"
uri "@URI1@o=Example,c=US"
suffixmassage "o=Example,c=US" "dc=example,dc=com"
-pseudorootdn "cn=manager,dc=example,dc=com"
-pseudorootpw secret
+idassert-bind bindmethod=simple
+ binddn="cn=manager,dc=example,dc=com"
+ credentials=secret
+ mode=none
+idassert-authzFrom "*"
#monitor#database monitor