[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACL question
i have put the space in and i have userpassword attributes, but i still get insufficient access.
any other ideas of what i could have wrong?
thanks for the other answer.
peter choe
Patrick Timmons wrote:
> Two things come to mind.
>
> 1) The access rules should be like this:
>
> defaultaccess read
> access to dn="cn=peter choe,o=mycompany,c=us" by self write
>
> or if the access line is on more than one line, a space should precedes
> everey continuation line. Ex:
>
> defaultaccess read
> access to dn="cn=peter choe,o=mycompany,c=us"
> by self write
>
> ^
> |
> +--- space here.
>
> 2) The entry should have a userpassword attribute (your record doesn't
> show that.)
>
> P.Timmons.
>
> Peter Choe wrote:
> >
> > i am trying to set up my ldap directory to allow the person to alter their own entries.
> >
> > for example:
> >
> > dn: cn=Peter Choe, o=myCompany, c=US
> > objectclass: person
> > mail: choepete@mindspring.com
> > phone: 555-5555
> > etc...
> >
> > i have the follow ACI in my slapd.conf:
> > default read
> > access to dn="cn=Peter Choe, o=myCompany, c=US"
> > by self write
> >
> > but when i try to modify something it says insufficient access. as far as i can tell from
> > reading about ACL, this should allow the person to add and modify their own entrie (ie
> > change their attributes). am i wrong thinking this? how would i set it up to allow each
> > user to change their own entries?
> >
> > i am using openLDAP1.2.10.
> >
> > thanks for any help
> >
> > Peter Choe
>
> --
> P.Timmons, service informatique