[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL Problem

To: openldap-software@OpenLDAP.org
Subject: ACL Problem
From: "Florian Preuß" <florian-preuss@gmx.net>
Date: Thu, 10 Feb 2005 15:20:37 +0100 (MET)

I have a problem using ACLs. 
My master configuration workd fine. Users only see the users of wop_eg & 
wop. 
# ACLs 
defaultaccess search 
access to dn.children="ou=wop_eg,ou=de,ou=Users,dc=test,dc=net" 
        by users read 
access to dn.children="ou=wop,ou=de,ou=Users,dc=test,dc=net" 
        by users read 
access to dn.children="ou=security,dc=test,dc=net" 
        by * auth 
 
For replication I set up another ldap server using the same directives and 
one additional. And updating doesn't work. If I disable the ACLs on the 
replica, all's fine. I want ldapsearch to give the same results like 
ldapsearch against the master server but it gives me the whole directory. 
 
access to * 
        by dn="uid=replicat,cn=test.net,cn=gssapi,cn=auth" write 
        by * read 
access to dn.children="ou=wop_eg,ou=de,ou=Users,dc=test,dc=net" 
        by users read 
access to dn.children="ou=wop,ou=de,ou=Users,dc=test,dc=net" 
        by users read 
access to dn.children="ou=security,dc=test,dc=net" 
        by * auth 

-- 
Lassen Sie Ihren Gedanken freien Lauf... z.B. per FreeSMS
GMX bietet bis zu 100 FreeSMS/Monat: http://www.gmx.net/de/go/mail

Prev by Date: Re: monitoredInfo breakdown
Next by Date: SASL EXTERNAL with URLs other than ldapi://
Index(es):
- Chronological
- Thread