[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL problem with version 2.0.23

To: "Dale, Warren" <Dale.Warren@wcom.com.au>
Subject: Re: ACL problem with version 2.0.23
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Tue, 07 May 2002 11:05:21 +0200
Cc: "'OpenLDAP-Software'" <openldap-software@OpenLDAP.org>
Organization: Dipartimento di Ingegneria Aerospaziale
References: <C1CFCBF00D83D511871E00508B638F25019BD51A@AUSYD1EX4>

"Dale, Warren" wrote:
> 
> People,
> 
> I am belatedly upgrading from version 1.2.9 to version 2.0.23.
> I am using Solaris 8.
> I am having problems with my ACL specifications.
> 
> Here are the relevant lines from slapd.conf:
> 36  access to attr=userPassword
> 37      by dn="uid=Replicator,ou=Special Users,o=OzEmail,c=au" write
> 38      by dn="uid=Infranet,ou=Special Users,o=OzEmail,c=au" read
> 
> I started slapd with "-d 32767".
> Listed below are two extracts from the output.
> 
> In lines 2-5 the ACL appears to have been accepted.
> In lines 9-41 we see the results, with the failure on line 41.
> 
> Note particularly lines 35-39.
> In lines 35-37 the DN's appear to match.
> But they do not because "string" is empty. (Line 38). Why?
> 
> What have I done wrong?

you need

	by anonymous auth
or
	by * auth

to bind, e.g.

36  access to attr=userPassword
37      by dn="uid=Replicator,ou=Special Users,o=OzEmail,c=au" write
38      by dn="uid=Infranet,ou=Special Users,o=OzEmail,c=au" read
39      by * auth

-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati

References:
- ACL problem with version 2.0.23
  - From: "Dale, Warren" <Dale.Warren@wcom.com.au>

Prev by Date: Publish userCertificate.
Next by Date: Re: multiple roots under one DSE
Index(es):
- Chronological
- Thread