[Date Prev][Date Next]
Re: ACL's using group access do not work (ITS#2118)
--On Monday, September 30, 2002 1:30 PM -0700 "Kurt D. Zeilenga"
> To eliminate the SASL authzid stuff from this, you try authenticating
> directly as:
> using simple authentication to see if problem is with
> the group code or the authzid code. Also, modifying
> bdb_group() to print both the DN and the normalized
> DN of the operation may be useful.
> I've tried unsuccessfully to duplicate this problem by
> hacking on test007-acls.
I'm not quite clear here on what you want me to do as far as
authenticating, since I've not really used simple authentication. What I
have done is this:
Made the rootdn in slapd.conf be "cn=suregid...."
Add a rootpw line
Then do a
ldapsearch -x -w <password> -D "cn=suregid..."
That gives me full root access into the directory server, so then of course
it doesn't even check to see if it can do group binds.
Just doing an ldapsearch -x made anonymous binds, since I had no form of
I'm looking at the bdb_group code, and I'll see if I can get it to print
Senior Systems Administrator
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html