[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem of ACL

To: openldap-software@OpenLDAP.org
Subject: Problem of ACL
From: Jean-Eric Cuendet <Jean-Eric.Cuendet@linkvest.com>
Date: Fri, 23 Mar 2001 18:21:59 +0100

Hi,
I have some access lists defined in my slapd.conf file. I can authenticate
(bind) to the directory but after that, if I set
  access to * by * write
I can modify the schema but if I set:
  access to * by dn="CN=JEC.*" write
I can't!

The command is:
  ldapmodify -x -D "cn=jec,cn=Users,dc=linkvest,dc=com" -f jec.ldif  -r -w
XXX
In the first case, the result is OK, In the second, I have a 
  Insufficient access
Message!
Any idea?

Thanks
-jec

PS: Below is the log of the slapd daemon.

Mar 23 18:17:12 testbed slapd[28384]: slapd startup: initiated.
Mar 23 18:17:12 testbed slapd[28384]: slapd starting
Mar 23 18:17:14 testbed slapd[28384]: connection_get(10): got connid=0
Mar 23 18:17:14 testbed slapd[28384]: connection_read(10): checking for
input on id=0
Mar 23 18:17:14 testbed slapd[28384]: do_bind
Mar 23 18:17:14 testbed slapd[28384]: do_bind: version=3
dn="cn=jec,cn=Users,dc=linkvest,dc=com" method=128
Mar 23 18:17:14 testbed slapd[28384]: dn2entry_r: dn:
"CN=JEC,CN=USERS,DC=LINKVEST,DC=COM"
Mar 23 18:17:14 testbed slapd[28384]: => dn2id(
"CN=JEC,CN=USERS,DC=LINKVEST,DC=COM" )
Mar 23 18:17:14 testbed slapd[28384]: => ldbm_cache_open(
"/var/lib/ldap/dn2id.gdbm", 34, 600 )
Mar 23 18:17:14 testbed slapd[28384]: <= ldbm_cache_open (opened 0)
Mar 23 18:17:14 testbed slapd[28384]: <= dn2id 16
Mar 23 18:17:14 testbed slapd[28384]: => id2entry_r( 16 )
Mar 23 18:17:14 testbed slapd[28384]: => ldbm_cache_open(
"/var/lib/ldap/id2entry.gdbm", 34, 600 )
Mar 23 18:17:14 testbed slapd[28384]: <= ldbm_cache_open (opened 1)
Mar 23 18:17:14 testbed slapd[28384]: => str2entry
Mar 23 18:17:14 testbed slapd[28384]: <=
str2entry(cn=jec,cn=Users,dc=linkvest,dc=com) -> -1 (0x8129bc0)
Mar 23 18:17:14 testbed slapd[28384]: <= id2entry_r( 16 ) 0x8129bc0 (disk)
Mar 23 18:17:14 testbed slapd[28384]: => string_expand: pattern:  CN=JEC.*
Mar 23 18:17:14 testbed slapd[28384]: => string_expand: expanded: CN=JEC.*
Mar 23 18:17:14 testbed slapd[28384]: => regex_matches: string:
Mar 23 18:17:14 testbed slapd[28384]: => regex_matches: rc: 1 no matches
Mar 23 18:17:14 testbed slapd[28384]: send_ldap_result: conn=0 op=0 p=3
Mar 23 18:17:14 testbed slapd[28384]: send_ldap_response: msgid=1 tag=97
err=50
Mar 23 18:17:14 testbed slapd[28384]: ====> cache_return_entry_r( 16 ):
created (0)
Mar 23 18:17:14 testbed slapd[28384]: ber_get_next on fd 10 failed errno=0
(Success)
Mar 23 18:17:14 testbed slapd[28384]: connection_read(10): input error=-2
id=0, closing.
Mar 23 18:17:14 testbed slapd[28384]: connection_closing: readying conn=0
sd=10 for close
Mar 23 18:17:14 testbed slapd[28384]: connection_close: conn=0 sd=10




_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
Jean-Eric Cuendet
Linkvest SA
Av des Baumettes 19, 1020 Renens Switzerland
Tel +41 21 632 9043  Fax +41 21 632 9090
http://www.linkvest.com  E-mail: jean-eric.cuendet@linkvest.com
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Prev by Date: Re: How list all of the contents of an LDAP Directory.
Next by Date: core dumps with slapd, TLS, and solaris 8
Index(es):
- Chronological
- Thread