[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Granting write to ou

To: openldap-technical@openldap.org
Subject: Re: Granting write to ou
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Wed, 5 Jan 2011 09:02:24 +0100
In-reply-to: <4D238A48.3000805@domingo.dk>
Organization: AVCI
References: <4D12014A.90709@domingo.dk> <20101222203220.6ca88783@rubin.avci.de> <4D238A48.3000805@domingo.dk>

Am Tue, 04 Jan 2011 21:59:52 +0100
schrieb "Thomas D. Dahlmann" <domingo@domingo.dk>:

> 
> > something like:
> > ldapmodify -D "cn=config" -W -H ldap://some.host
> > dn:olcDatabase={1}hdb,cn=config
> > changetype: modify
> > replace: olcAccess
> > olcAccess: {1} to dn.subtree="ou=addressbook,dc=example,dc=net" by
> >   users write by * read
> Gives me this:
>   ldapmodify -D "cn=admin,dc=example,dc=net" -W -H ldap://localhost
> Enter LDAP Password:
> dn:olcDatabase={1}hdb,cn=config
> changetype: modify
> replace: olcAccess
> olcAccess: to dn.subtree="ou=addressbook,dc=example,dc=net" by users 
> write by * read
> 
> modifying entry "olcDatabase={1}hdb,cn=config"
> ldap_modify: Insufficient access (50)
> 
> "cn=admin,dc=example,dc=net" is my root account so I don't see why it 
> shouldn't have access??

cn=config has its own rootdn, olcDatabase={0}cn=config, if not
configured, it should be cn=config

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E

Follow-Ups:
- Re: Granting write to ou
  - From: "Thomas D. Dahlmann" <domingo@domingo.dk>

References:
- Re: Granting write to ou
  - From: "Thomas D. Dahlmann" <domingo@domingo.dk>

Prev by Date: MinGW & IPv6?
Next by Date: Re: a problem of authentication fail in Ubuntu 10.04,slapd 2.4.21
Index(es):
- Chronological
- Thread