Trying to convert Netscape aci to OpenLDAP access
Hi,
I have been trying, unsuccessfully, to convert some Netscape
aci statements to their OpenLDAP equivalent.
Here are the NETSCAPE aci statements:
aci: (target ="ldap:///o=UNM, c=US")(targetattr !="userPassword")(version 3.0;acl "Anonymous read-search access";allow (read, search, compare)(userdn = "ldap:///anyone");)
aci: (target ="ldap:///o=UNM, c=US")(targetattr = "*")(version 3.0; acl "Untitled"; allow (write, add , delete ) userdn = " ldap:///uid=admin,o=UNM,c=US" ;)
aci: (target ="ldap:///o=UNM, c=US")(targetattr = "*")(version 3.0; acl "Untitled"; allow (write, add , delete ) groupdn = "ldap:///cn=Administrators,o=UNM,c=US" ;)
aci: (target="ldap:///o=UNM,c=US") (targetattr = "*")(version 3.0; acl "Allow self entry modification"; allow (write) userdn = "ldap:///self";)
aci: (target="ldap:///o=UNM,c=US") (targetattr = "*")(version 3.0; acl "Suitespot Adminstrators Group"; allow (all) groupdn = "ldap:///cn=Administrators,o=UNM,c=US";)
aci: (target="ldap:///o=UNM, c=US") (targetattr = "*") (version 3.0; acl "Calendar Administrators Group"; allow(all) groupdn = "ldap:///cn=CorporateTime Server Admins,o=UNM, c=US";)
Here is my latest attempt at the access statements:
defaultaccess none
access to *
    by self write
    by * read
access to *
    attr=userpassword
    by * none
access to *
    attr=*
    by group="cn=Administrators, o=UNM, c=US" write
access to *
    attr=*
    by group="cn=CorporateTime Server Admins,o=UNM,c=US" write
Can anyone see what I am doing wrong??
Chuck Phillips
Systems Specialist
chuckp@unm.edu
<+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+>
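An added example, not part of the original post: a simplified Python model of slapd's documented first-match evaluation (the first `access to` directive whose <what> matches is used, then the first matching `by` clause decides), run over the directives as posted and over a constructed reordering. The rule tables, function names, the level list and the reordering are assumptions made for illustration, not slapd code or a tested configuration.

```python
# Simplified model of slapd's first-match ACL evaluation (illustrative only).
LEVELS = ["none", "compare", "search", "read", "write"]  # ascending privilege

ADMINS = "group:cn=Administrators,o=UNM,c=US"
CALADM = "group:cn=CorporateTime Server Admins,o=UNM,c=US"

# Each rule: (attribute selector or "*", [(who, level), ...]) in file order.
AS_POSTED = [
    ("*", [("self", "write"), ("*", "read")]),
    ("userpassword", [("*", "none")]),
    ("*", [(ADMINS, "write")]),
    ("*", [(CALADM, "write")]),
]

# Constructed reordering: most specific <what> first, all <who> clauses merged.
REORDERED = [
    ("userpassword", [("self", "write"), (ADMINS, "write"),
                      (CALADM, "write"), ("*", "none")]),
    ("*", [("self", "write"), (ADMINS, "write"),
           (CALADM, "write"), ("*", "read")]),
]

def effective_access(rules, attr, identities, default="none"):
    """Level granted on `attr` to a requester holding `identities`
    (e.g. {"self"} or {ADMINS}; an empty set models an anonymous bind)."""
    for what, by_clauses in rules:
        if what != "*" and what != attr.lower():
            continue                      # <what> does not match, try next directive
        for who, level in by_clauses:     # first matching <who> decides
            if who == "*" or who in identities:
                return level
        return "none"                     # directive matched, but no <who> did
    return default                        # no directive matched: defaultaccess

def can(rules, attr, identities, wanted):
    """True if the granted level is at least `wanted`."""
    granted = effective_access(rules, attr, identities)
    return LEVELS.index(granted) >= LEVELS.index(wanted)

if __name__ == "__main__":
    for name, rules in (("as posted", AS_POSTED), ("reordered", REORDERED)):
        print(name,
              "| anonymous userPassword:", effective_access(rules, "userPassword", set()),
              "| admin cn:", effective_access(rules, "cn", {ADMINS}))
```

In this model the first `access to *` directive as posted matches every attribute, so the later `userpassword` and group directives are never consulted.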