[Date Prev][Date Next] [Chronological] [Thread] [Top]

ROAMING problems



I am trying to create ROAMING via Netscpae and LDAP on my test LDAP database.

I have had partial success thanks to help from Deke Clinger.
When I start Netscape Communicator it connects to my Test database on port 390 and goes through the process of synchronising everything and when I close down Netscape Communicator it says it is writing the data to the database.

When I log onto another Pc and start Netscape Communicator with Roaming Access specified, I do not get the bookmarks that I have on my own PC. I am accessing the LDAP database with the same usercode and password.

I am using Netscape Communicator 4.6 and OpenLDAP 1.2.8

I think the problem is with my access rights, but I can't work out why.

My Slapd>conf looks like this:-

include /home/users/noc/ldap/Zkousit/openldap-1.2.8/servers/slapd/slapd.at.conf
include /home/users/noc/ldap/Zkousit/openldap-1.2.8/servers/slapd/slapd.oc.conf
include /home/users/noc/ldap/Zkousit/openldap-1.2.8/servers/slapd/ns-mcd-li-schema.conf
schemacheck off
lastmod on
#referral ldap://root.openldap.org/
#defaultaccess none
pidfile %LOCALSTATEDIR%/slapd.pid
argsfile %LOCALSTATEDIR%/slapd.args

########################################################
# ldbm database definitions
########################################################


database ldbm
suffix "dc=pokuscca, dc=cz"
rootdn "cn=pokusmanager, dc=pokuscca, dc=cz"
rootpw xxxxx
directory /home/users/noc/ldap/Zkousit/openldap- 1.2.8/var/slapd (all on 1 line)

access to dn=".*,ou=Roaming,dc=pokuscca,dc=cz"
by dnattr=owner write
by dn="cn=noc,dc=pokuscca,dc=cz" write

access to attr=userpassword
by self write
by dn="cn=noc,dc=pokuscca,dc=cz" write
by dn="cn=pokusmanager, dc=pokuscca, dc=cz" write
by * none

access to attr=homephone
by self write
by dn="cn=noc,dc=pokuscca,dc=cz" write
by dn="cn=pokusmanager, dc=pokuscca, dc=cz" write
by dnattr=manager read
by * none

access to dn=".*,dc=pokuscca,dc=cz"
by self write
by dn="cn=noc,dc=pokuscca,dc=cz" write
by dn="cn=pokusmanager, dc=pokuscca, dc=cz" write
by * read

I have started SLAPD in debug mode and get the following messages:-

=> access_allowed: entry (nsLIElementType=bookmarks,nsLIProfileName=noc, dc=pokuscca,dc=cz) attr (objectclass)

=> acl_get: entry (nsLIElementType=bookmarks,nsLIProfileName=noc, dc=pokuscca,dc=cz) attr (objectclass)
=> acl_get: edn NSLIELEMENTTYPE=BOOKMARKS,NSLIPROFILENAME=NOC,DC=POKUSCCA,DC=CZ
=> dnpat: [1] .*,OU=ROAMING,DC=POKUSCCA,DC=CZ nsub: 0
=> acl_get: [2] check attr objectclass
=> acl_get: [3] check attr objectclass
=> dnpat: [4] .*,DC=POKUSCCA,DC=CZ nsub: 0
=> acl_get:[4] backend ACL match
=> acl_get: [4] check attr objectclass
<= acl_get: [4] backend acl nsLIElementType=bookmarks,nsLIProfileName=noc, dc=pokuscca,dc=cz attr: objectclass

=> acl_access_allowed: search access to entry "nsLIElementType=bookmarks,nsLIProfileName=noc, dc=pokuscca,dc=cz"

=> acl_access_allowed: search access to value "any" by "CN=NOC,DC=POKUSCCA,DC=CZ"
<= check a_dnpat: self
<= check a_dnpat: CN=NOC,DC=POKUSCCA,DC=CZ
=> string_expand: pattern: CN=NOC,DC=POKUSCCA,DC=CZ
=> string_expand: expanded: CN=NOC,DC=POKUSCCA,DC=CZ
=> regex_matches: string: CN=NOC,DC=POKUSCCA,DC=CZ
=> regex_matches: rc: 0 matches
<= acl_access_allowed: matched by clause #2 access granted

=> access_allowed: exit (nsLIElementType=bookmarks,nsLIProfileName=noc, dc=pokuscca,dc=cz) attr (objectclass)

Other requests give me read access instead of the search access but I have write access to everything in the Slapd.conf
( at least I think I do!!!!)

The entry in the data base for user noc is:

dn: cn=noc,dc=pokuscca,dc=cz
objectclass: person & organisationalPerson&inetdPerson
cn: Antonin Christopher Novak
cn: Antonin Novak
cn: Tony Novak
cn: noc
givenname: Antonin Christopher
givenname: Antonin
userfriendlyname: Tony
sn: Novak
postaladdress:: U3lzdGVtb3ZhIGEgdGVjaG5pa2EgcG9kcG9yYSwgICAgICAgQ0NBIHNwb2wuI
HMuci5vLiwJCSAgICAgICBLcmF0a2EgOCwgICAgICAgMzA3MDggUGx6ZW4gICAgICAgQ2Vza2Egc
mVwdWJsaWNl
l: Plzen
mail: Antonin.Novak@cca.cz
mail: noc@cca.cz
o: Pokus CCA
ou: STP
modifytimestamp: 20000127131409Z
modifiersname: cn=noc,dc=pokuscca,dc=cz
userpassword: {crypt}/ASMc1JqF1N0.

dn: nsLIProfileName=noc, dc=pokuscca,dc=cz
objectclass: top
objectclass: nsLIProfile
nsliprofilename: Antonin Novak
owner: cn=noc, dc=pokuscca,dc=cz
creatorsname: cn=pokusmanager, dc=pokuscca, dc=cz
createtimestamp: 20000202084000Z

Has anyone any clues as to what I need to change/create in order to obtain my elusive ROAMING

Thanks in anticipation

Tony