[Date Prev][Date Next] [Chronological] [Thread] [Top]

help, how can i manage ACL in slapd.conf

To: openldap-software@OpenLDAP.org
Subject: help, how can i manage ACL in slapd.conf
From: 贺鱼 <hefish@vip.cn99.com>
Date: Sat, 27 Mar 2004 17:23:20 +0800

i setup my ldap serve using openldap 2.1.25
and i had add data into ldap server successfully, now the problem is ,
i want that anonymous will not read my data, and i will grant serveral
certain users to manage these data.

e.g.
i want user:  dn=cn=mailadmin,dc=abcd,dc=net can write
dn.base="ou=mail,dc=abcd,dc=net" and other cannot read dn.base="ou=mail,dc=abcd,dc=net"

i write my access line as follows:

access to dn.base="ou=mail,dc=abcd,dc=net" by
dn="cn=mailadmin,dc=abcd,dc=net" write
 by * none

then i add a person as cn=mailadmin,dc=abcd,dc=net into ldap directory
and add a userPassword attr in.
when i use ldapsearch, i get errors:

# ./ldapsearch -h ldap.abcd.com -D "cn=mailadmin,dc=cz8,dc=net" -W
"(objectclass=*)"
Enter LDAP Password: 
ldap_bind: Insufficient access (50)


why? and how can i do that?

thanks for advise!!!!


--------------------
hefish <hefish@vip.cn99.com>
ICQ: 16402939
MSN: hefish@cz8.net
QQ:  831031

Follow-Ups:
- Re: help, how can i manage ACL in slapd.conf
  - From: Tony Earnshaw <tonye@billy.demon.nl>

Prev by Date: Re: Need SASL idiot-proof walkthrough
Next by Date: Re: LDAP defined groups not set properly over ssh
Index(es):
- Chronological
- Thread