
acl self auth problem



Here are my logs:
Sep 15 12:01:16 zeus slapd[17356]: => access_allowed: write access to "uid=td,ou=People,dc=birddog,dc=com" "mailLocalAddress" requested
Sep 15 12:01:16 zeus slapd[17356]: => dnpat: [1] (.*,)?ou=People,dc=birddog,dc=com nsub: 1
Sep 15 12:01:16 zeus slapd[17356]: => acl_get: [1] matched
Sep 15 12:01:16 zeus slapd[17356]: => acl_get: [1] check attr mailLocalAddress
Sep 15 12:01:16 zeus slapd[17356]: => dnpat: [2] (.*,)?dc=birddog,dc=com nsub: 1
Sep 15 12:01:16 zeus slapd[17356]: => acl_get: [2] matched
Sep 15 12:01:16 zeus slapd[17356]: => acl_get: [2] check attr mailLocalAddress
Sep 15 12:01:16 zeus slapd[17356]: <= acl_get: [2] acl uid=td,ou=People,dc=birddog,dc=com attr: mailLocalAddress
Sep 15 12:01:16 zeus slapd[17356]: => acl_mask: access to entry "uid=td,ou=People,dc=birddog,dc=com", attr "mailLocalAddress" requested
Sep 15 12:01:16 zeus slapd[17356]: => acl_mask: to value by "UID=TD,OU=PEOPLE,DC=BIRDDOG,DC=COM", (=n)
Sep 15 12:01:16 zeus slapd[17356]: <= check a_dn_pat: cn=root,dc=birddog,dc=com
Sep 15 12:01:16 zeus slapd[17356]: <= check a_dn_pat: *
Sep 15 12:01:16 zeus slapd[17356]: <= acl_mask: [2] applying none (=n) (stop)
Sep 15 12:01:16 zeus slapd[17356]: <= acl_mask: [2] mask: none (=n)
Sep 15 12:01:16 zeus slapd[17356]: => access_allowed: write access denied by none (=n)


Here is my bind info:
dn: uid=td,ou=People,dc=birddog,dc=com

The last line says 'denied by none'....  
Here are my acls:
access to dn="(.*,)?ou=People,dc=birddog,dc=com" attr=uid,userPassword
                by anonymous auth
access to dn="(.*,)?dc=birddog,dc=com"
                attr=uid,userPassword,mailLocalAddress,mailRoutingAddress,mailHost,shadowMax,shadowWarning,shadowLastChange,loginShell,uidNumber,gidNumber,homeDirectory,gecos
                by dn="cn=root,dc=birddog,dc=com" write
                by * none
access to dn=".*,ou=People,dc=birddog,dc=com"
                by self write
                by * read
access to *
                by * read

I want a user to be able to edit their own information.  
Thank you for any help.

-- 
Terry Davis
Systems Administrator
BirdDog Solutions, Inc.
(402) 829-6059
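
The evaluation traced in the log above, as an added example that is not part of the original message: a simplified Python model of slapd's first-match ACL selection (who-clauses compared as literal DNs rather than regexes), run over the posted rules. `REORDERED` is an assumed variant, and the choice of `mailLocalAddress` as the only self-writable attribute is an assumption made for illustration.

```python
import re

LEVELS = ["none", "auth", "compare", "search", "read", "write"]

# (dn regex, attribute list or None for all attributes, ordered by-clauses), as posted
POSTED = [
    (r"(.*,)?ou=People,dc=birddog,dc=com", ["uid", "userPassword"],
     [("anonymous", "auth")]),
    (r"(.*,)?dc=birddog,dc=com",
     ["uid", "userPassword", "mailLocalAddress", "mailRoutingAddress", "mailHost",
      "shadowMax", "shadowWarning", "shadowLastChange", "loginShell",
      "uidNumber", "gidNumber", "homeDirectory", "gecos"],
     [("cn=root,dc=birddog,dc=com", "write"), ("*", "none")]),
    (r".*,ou=People,dc=birddog,dc=com", None, [("self", "write"), ("*", "read")]),
    (r".*", None, [("*", "read")]),
]

# Assumed variant: a narrow self-write rule placed ahead of the catch-all rule [2]
REORDERED = [POSTED[0],
             (r".*,ou=People,dc=birddog,dc=com", ["mailLocalAddress"],
              [("self", "write"), ("cn=root,dc=birddog,dc=com", "write"),
               ("*", "none")])] + POSTED[1:]

def who_matches(who, bind_dn, entry_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return not bind_dn
    if who == "self":
        return bool(bind_dn) and bind_dn.lower() == entry_dn.lower()
    return bool(bind_dn) and bind_dn.lower() == who.lower()

def evaluate(rules, bind_dn, entry_dn, attr, wanted):
    """Return (allowed, rule_number, granted_level) using first-match semantics."""
    for num, (dn_re, attrs, by) in enumerate(rules, 1):
        if not re.search(dn_re, entry_dn, re.I):
            continue
        if attrs is not None and attr.lower() not in [a.lower() for a in attrs]:
            continue  # DN matched but attribute not listed: try the next rule
        for who, level in by:
            if who_matches(who, bind_dn, entry_dn):
                break  # first matching by-clause decides (implicit "stop")
        else:
            level = "none"  # every access rule ends with an implicit "by * none"
        return LEVELS.index(level) >= LEVELS.index(wanted), num, level
    return False, 0, "none"
```

With the posted rules, rule [2] is selected for `mailLocalAddress` and its `by * none` ends evaluation, so the `by self write` in rule [3] is never consulted. In the reordered variant `uidNumber` and `gidNumber` still fall through to the root-only rule.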




