[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Group access in LDAP

To: <openldap-software@OpenLDAP.org>
Subject: Re: Group access in LDAP
From: "Koen Bosmans" <kbo@melexis.com>
Date: Thu, 2 Dec 1999 16:58:53 +0100
Organization: Elex - Melexis
References: <01b301bf3cd0$5bd65320$4b31200a@tess.elex.be> <19991202161140.A25142@mediator.uni-c.dk>

I'm sorry...

This is the debuglevel 128 output on a search:

=> acl_access_allowed: search access to entry "cn=Sadi Chenini, o=elex,
c=be"

=> acl_access_allowed: search access to value "KBO" by "CN=KOEN
BOSMANS,O=ELEX,C=BE"
<= ldbm_back_group: "CN=KOEN BOSMANS,O=ELEX,C=BE" not in
"CN=ADMIN,O=ELEX,C=BE": member
<= acl_access_allowed: matched by clause #2 access denied

=> access_allowed: exit (cn=Sadi Chenini, o=elex, c=be) attr (uid)

=> access_allowed: entry (cn=admin, o=elex, c=be) attr (uid)

=> acl_get: entry (cn=admin, o=elex, c=be) attr (uid)
<= acl_get: [1] backend acl cn=admin, o=elex, c=be attr: uid


Maybe there is something wrong with my commandline instruction, this is what
I type:

    ldapsearch -b "o=elex,c=be" -D "cn=Koen Bosmans, o=elex, c=be" -W
"uid=kbo"

This should be OK, or not??
The result is get with this is nothing, just a new command line and I'm 100%
shure uid=kbo exists!!

Koen Bosmans



----- Original Message -----
From: Niels Baggesen <Niels.Baggesen@uni-c.dk>
To: <openldap-software@OpenLDAP.org>
Sent: Thursday, December 02, 1999 4:11 PM
Subject: Re: Group access in LDAP


> On Thu, Dec 02, 1999 at 15:20:17 +0100, Koen Bosmans wrote:
> > Can onyone help me with my group problem in openldap???
> >
> > I already searched the FAQ's, mailinglists, etc but could not fing a
> > solution.
> > I only want to create a group in LDAP and access some entries with this
> > group. It sounds easy but I tried almost everything...
> >
> > This is my access part of slapd.conf:
> >
> > access to dn=".*,o=elex,c=BE"
> >         by group="cn=admin,o=elex,c=be"         read
> >         by *                                    none
> >
> >
> > And this is the ldif of my group
> >
> > dn: cn=admin, o=elex, c=be
> > objectclass: top
> > objectclass: groupOfNames
> > cn: admin
> > description: Administrators of the LDAP database
> > member: cn=Peter Tillemans, o=elex, c=be
> > member: cn=Koen Bosmans, o=elex, c=BE
> >
> > This is exactly like that example in the FAQ.
> > I run OpenLDAP 1.2.7 on RedHat 5.2 and compiled it with a standard
> > ./configure (no options given)
>
> And what is your problem? What does not work? What is the error message?
> What is in the log file?
>
> /Niels
>
> --
> Niels Baggesen,  UNI-C,  Olof Palmes Alle 38,  DK-8200 Aarhus N, Denmark
> Email: Niels.Baggesen@uni-c.dk - Tel: +45 8937 6669 - Fax: +45 8937 6677
> ---         The purpose of computing is insight, not numbers         ---

Follow-Ups:
- Re: Group access in LDAP
  - From: "Marco Ferrante" <ferrante@unige.it>

References:
- Group access in LDAP
  - From: "Koen Bosmans" <kbo@melexis.com>
- Re: Group access in LDAP
  - From: Niels Baggesen <Niels.Baggesen@uni-c.dk>

Prev by Date: RE: help needed on referrals
Next by Date: Can´t Retrieve Data
Index(es):
- Chronological
- Thread