Serious problem with access clause (ITS#2557)



Full_Name: Quanah Gibson-Mount
Version: 2.1.20
OS: Solaris 8
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (171.66.182.82)


Hello,

I find that I cannot implement the following ACL due to limitations in
OpenLDAP:

access to dn.children="cn=People,dc=stanford,dc=edu"
attrs=cn,sn,objectClass,givenName,suPrivilegeGroup,suDisplayNameLF,displayName,suPrimaryOrganizationID,ou,uid,suRegID,suVisibEmail,suVisibHomeAddress,suVisibHomePage,suVisibHomePhone,suVisibIdentity,suVisibLocalAddress,suVisibLocalPhone,suVisibMailAddress,suVisibMobilePhone,suVisibPagerEmail,suVisibPagerPhone,suVisibPermanentAddress,suVisibPermanentPhone,suVisibProfile,suVisibSunetID,suVisibAffiliation1,suVisibAffiliation2,suVisibAffiliation3,suVisibAffiliation4,suVisibAffiliation5,suVisibAffilAddress1,suVisibAffilAddress2,suVisibAffilAddress3,suVisibAffilAddress4,suVisibAffilAddress5,suVisibAffilPhone1,suVisibAffilPhone2,suVisibAffilPhone3,suVisibAffilPhone4,suVisibAffilPhone5,suGwAffiliation1,suGwAffiliation2,suGwAffiliation3,suGwAffiliation4,suGwAffiliation5,suGwAffilAddress1,suGwAffilAddress2,suGwAffilAddress3,suGwAffilAddress4,suGwAffilAddress5,suGwAffilMailCode1,suGwAffilMailCode2,suGwAffilMailCode3,suGwAffilMailCode4,suGwAffilMailCode5,suGwAffilPhone1,suGwAffilPhone2,suGwAffilPhone3,suGwAffilPhone4,suGwAffilPhone5,suLocalAddress,suPermanentAddress,suMailAdress,street,homePostalAddress,postalAddress,suLocalPhone,suPermanentPhone,suResidentPhone,facsimileTelephoneNumber,homePhone,telephoneNumber,mobile
        by dn.base="cn=adharv,cn=applications,dc=stanford,dc=edu" read
        by * break

The error I receive is:

/usr/local/etc/openldap/slapd.acl: line 62: unknown attr "suGwAffilPhon" in to clause

Obviously, it is reaching a string limit.  I cannot fix this by making it
separate lines, as it uses a line break to differentiate between the to and by
pieces of the ACL.
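
An added example, not part of the original report and not OpenLDAP code: a pre-deployment check that joins slapd.conf continuation lines (a line starting with whitespace continues the previous one) and flags `access to` clauses whose `attrs=` list is longer than a threshold, reporting the partial attribute name a buffer of that size would end on. The 1024-byte threshold, the sample ACL and its attribute names are constructed assumptions; the report does not state the actual limit.

```python
import re

# Assumed threshold for illustration; the real limit is not given in the report.
MAX_ATTRS_LEN = 1024

def logical_lines(text):
    """Return (first_line_number, joined_text) for each logical config line.
    Blank lines and '#' comment lines are skipped; a line that starts with
    whitespace is appended to the previous logical line."""
    out = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue
        if raw[0] in " \t" and out:
            start, body = out[-1]
            out[-1] = (start, body + " " + raw.strip())
        else:
            out.append((lineno, raw.strip()))
    return out

def audit_acls(text, limit=MAX_ATTRS_LEN):
    """Flag ACLs whose attrs= value exceeds `limit` characters."""
    findings = []
    for lineno, line in logical_lines(text):
        if not line.startswith("access to"):
            continue
        m = re.search(r"\battrs?=(\S+)", line)
        if not m or len(m.group(1)) <= limit:
            continue
        attrs = m.group(1)
        findings.append({
            "line": lineno,                      # where the ACL starts
            "attrs_len": len(attrs),
            "count": len(attrs.split(",")),
            # name fragment left at the end of a `limit`-sized buffer
            "cut_at": attrs[:limit].rsplit(",", 1)[-1],
        })
    return findings

# Constructed sample: 100 made-up attribute names, 1499 characters in total.
SAMPLE = (
    "# constructed sample ACL file\n"
    'access to dn.children="cn=People,dc=example,dc=com"\n'
    "        attrs=" + ",".join(f"exampleAttr{i:03d}" for i in range(100)) + "\n"
    '        by dn.base="cn=app,cn=applications,dc=example,dc=com" read\n'
    "        by * break\n"
    "access to * attrs=cn,sn\n"
    "        by * read\n"
)

if __name__ == "__main__":
    for finding in audit_acls(SAMPLE):
        print(finding)
```
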