OpenLDAP schema to store OpenPGP keys?
Walter Haidinger
walter.haidinger at gmx.at
Thu Feb 23 14:59:53 CET 2006
On Thu, February 23, 2006 14:03, David Shaw wrote:
> Not a bug - you're quoting it wrong in the shell. It takes a lot to
> make the shell not eat stuff sometimes:
>
> --keyserver-option "binddn=\"uid=user1,ou=PGP Users,dc=EXAMPLE,dc=COM\""
>
> That is, quote the value, not the name=value. The parser in GPG
> understands quotes.
Of course, should have thought of that! Silly me. <:|
Everything works now! :-)
Thanks a _lot_ for your help to get this operational!
Walter
PS: Tweaked the ACLs a bit to:
# let PGP users change their passwords
access to dn.regex="^uid=([^,]+),ou=PGP Users,dc=EXAMPLE,dc=COM$"
by self write
by * none
# PGP keystore: only users may write
access to dn.subtree="ou=PGP Keys,dc=EXAMPLE,dc=COM"
by dn.regex="^uid=([^,]+),ou=PGP Users,dc=EXAMPLE,dc=COM$" write
by * read
More information about the Gnupg-users
mailing list