[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL problems: (was: objectIdentifierMatch)



Changed the subject as this has nothing to do with the
objectIdentifierMatch issue previously reported.

As far as debugging your problem, I suggest you examine
logs to determine what's going here.  Enabling ACL logging
would likely be particular informative.

The only curious thing I see in your post is your comment:
>I am a member of both ldapadmin, and supervisor.  Still,
>with this setup, I cannot bind as either of them

This implies you are not authenticating as yourself but as
  cn=supervisor,cn=applications,dc=stanford,dc=edu
or
  cn=ldapadmin,cn=applications,dc=stanford,dc=edu

Or maybe you are authenticating as yourself and assuming
one of these identities.

If either of DNs is your authorization DN and its not
a member of group, then it has only "auth" access.

That is, a group is not a member of the group unless
it's explicitly listed as a member of the group.

Presently, this sounds more like a software use issue than
a software bug.

Kurt