[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldapaci

>I have tried this approach.  But it doesn't work.  Is there any
>workaround.  hall i have to put something in access.conf.  Because, when i
>tried to update any attribute(self) it gives an error "Insufficient access
>rights". Currently my slapd.conf dont have anything related with the acl's.
>My Slapd.conf and access.conf are give below.

I'd think you need to add the initial ACI information while bound as the DSA

Change your ACL to

access to * 
  by dn="cn=Manager,dc=..." write
  by aci write 

so you have a user who can add the ACI information prior to the ACI information
you need to write to the object existing.  Catch-22.

Did you add "objectclass: OpenLDAPacl" to the objects?

Did you change OpenLDAPaciMatch to caseIgnoreIA5Match in core.schema?