[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: defaultsearchbase

To: openldap-software@OpenLDAP.org
Subject: Re: defaultsearchbase
From: Quanah Gibson-Mount <quanah@stanford.edu>
Date: Fri, 23 Dec 2005 13:25:10 -0800
Content-disposition: inline
In-reply-to: <43AC34EA.4060502@webtent.net>
References: <43AC34EA.4060502@webtent.net>

--On Friday, December 23, 2005 12:33 PM -0500 Robert Fitzpatrick <lists@webtent.net> wrote:

I have my defaultsearchbase set in 2.2.29 to my top level of
'dc=webtent,dcnet', but no client can acccess my entries unless they
have the base set. I just install phpldapadmin and it says 'Could not
determine the root of your LDAP tree. It appears that the LDAP server
has been configured to not reveal its root'.  I assume this has to do
with my access list, but I have this at the end of the list?

access to *
	by sockurl.regex="^ldapi://%2fvar%2frun%2fopenldap%2fldapi/$" write
	by group.exact="cn=Administrators,dc=webtent,dc=net" write
	by self write
	by * read

What else could cause the default not to work?


For phpldapadmin, it is probably looking for the rootDSE to be exposed.

Also recall that ACL's are applied in the order listed, and stop at the first matching ACL, so if the clients match an ACL before your "*" ACL, it will never be applied.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

References:
- defaultsearchbase
  - From: Robert Fitzpatrick <lists@webtent.net>

Prev by Date: defaultsearchbase
Next by Date: Re: defaultsearchbase
Index(es):
- Chronological
- Thread