Re: OpenLDAP DN's permissions


> I know exactly what you mean.  Here's what you want to do:
> Add the ldapdm user object from the ldif file, only you need to bind as
> the rootdn (giving the rootpw, of course).

I've done that.

> You can add the user, as bind
> as that user before it even exists in the db.  The only way you can do
> this is by binding as root.  Once you have the user added, you can do the
> acl stuff to your heart's content.

I get this:

[root@wrkst /root]# ldapadd -x -W -D "cn=ldapadm,dc=jdimedia,dc=local" -f
Enter LDAP Password:
adding new entry "cn=blaat,dc=jdimedia,dc=local"
ldap_add: Insufficient access
        additional info: no write access to parent

ldif_record() = 50

ACLs:

access to attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=ldapadm,dc=jdimedia,dc=local" write
        by * none

        access to *
        by self write
        by dn="cn=ldapadm,dc=jdimedia,dc=local" write
        by * read

> Hope that helps,

If I get rid of this problem I'm totally happy :)

> Andy