OpenLDAP schema to store OpenPGP keys?

Walter Haidinger walter.haidinger at
Thu Feb 23 14:59:53 CET 2006

On Thu, February 23, 2006 14:03, David Shaw wrote:
> Not a bug - you're quoting it wrong in the shell.  It takes a lot to
> make the shell not eat stuff sometimes:
>  --keyserver-option "binddn=\"uid=user1,ou=PGP Users,dc=EXAMPLE,dc=COM\""
> That is, quote the value, not the name=value.  The parser in GPG
> understands quotes.

Of course, should have thought of that! Silly me. <:|

Everything works now! :-)
Thanks a _lot_ for your help to get this operational!


PS: Tweaked the ACLs a bit to:

# let PGP users change their passwords
access to dn.regex="^uid=([^,]+),ou=PGP Users,dc=EXAMPLE,dc=COM$"
        by self write
        by * none

# PGP keystore: only users may write
access to dn.subtree="ou=PGP Keys,dc=EXAMPLE,dc=COM"
        by dn.regex="^uid=([^,]+),ou=PGP Users,dc=EXAMPLE,dc=COM$" write
        by * read

More information about the Gnupg-users mailing list