[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL question

To: Peter Choe <choepete@mindspring.com>
Subject: Re: ACL question
From: Adam Tauno Williams <adam@morrison-ind.com>
Date: Tue, 8 Aug 2000 09:01:16 -0400
Cc: openldap-software@OpenLDAP.org
In-reply-to: <39900DB6.65F6746A@mindspring.com>
References: <4.3.2.7.0.20000804230712.00b2ebb0@mail-server> <4.3.2.7.0.20000807112331.00b34b80@router.boolean.net> <398F1FF1.4A09AB4E@mindspring.com> <398F2BC6.521E83C5@courriel.polymtl.ca> <39900DB6.65F6746A@mindspring.com>
User-agent: IMP/PHP3 Imap webMail Program 2.0.11

>i have put the space in and i have userpassword attributes, but i still get
>insufficient access.
>any other ideas of what i could have wrong?

Do you have any other ACL lines you didn't bother to mention?

>>Two things come to mind.
>>1) The access rules should be like this:
>>defaultaccess read
>> access to dn="cn=peter choe,o=mycompany,c=us" by self write
>> or if the access line is on more than one line, a space should precedes
>>everey continuation line. Ex:
>>defaultaccess read
>>access to dn="cn=peter choe,o=mycompany,c=us"
>>  by self write

Do you sucessfully bind to the LDAP server? 

You can do a: ldapsearch -s base -b "cn=monitor" "objectclass=*"
which lists connections to the server.  That way you can see if 
authentication itself is failing, or if it is some ACL issue
deny-ing you access.  If you doing this mod from a command line tool
you may need to be quick fingered.

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW.
Grand Rapids, MI. 49505

References:
- LDAP for Win-NT
  - From: "T.Subramanian" <t_subbu@yahoo.com>
- Re: LDAP for Win-NT
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- ACL question
  - From: Peter Choe <choepete@mindspring.com>
- Re: ACL question
  - From: Peter Choe <choepete@mindspring.com>

Prev by Date: Re: ACL question
Next by Date: Re: suddenly I can't find things....
Index(es):
- Chronological
- Thread