[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for PGP - WAS:Re: Storing Special German Characters in OpenLDAP as PGP -Directory



Hi!

I have just noticed that

     access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
     access to dn=".*,dc=ch" by * read
     access to * by * write

is not sufficient for _adding_ new keys in the server. With the ACL above you
can only
_update_ existent keys. (err=50 text=no write access to parent)


Can anybody help?


Best Regards,
Joachim






Joachim.Koch@mlp-ag.com am 04.01.2002 16:56:57


An:   alejandra.moreno@atrete.ch, openldap-software@OpenLDAP.org
Kopie:    dietzold@imise.uni-leipzig.de (Blindkopie: Joachim Koch/Login/DE/MLP)

Thema:    ACL for PGP - WAS:Re: Storing Special German Characters in    OpenLDAP
      as PGP -Directory



Hi!

try this, if you only want to search for keys:
access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
access to dn=".*,dc=ch" by * read
---> access to * by * read  <----


The third line has to be
     access to * by * write !!!
if you want to send keys to the server.

I'm wondering why the third line is neccesary. What does the ##$#-Client try and
where?

Greets,
Joachim





Alejandra Moreno <alejandra.moreno@atrete.ch> am 04.01.2002 16:12:39


An:   openldap-software@OpenLDAP.org
Kopie:     (Blindkopie: Joachim Koch/Login/DE/MLP)

Thema:    Re: Storing Special German Characters in OpenLDAP as PGP   -Directory
      [Virus checked (@MLP)]  [Virus checked]



Hi!

I also tried that, and still didn't work. It's driving me nuts!!!!

At 15:35 04.01.2002 +0100, you wrote:
>quote Alejandra Moreno (4.1.2002):
>
> > If you get some feed back from NAI, just tell me!
> > You were write about the access permission, the following syntax wont work:
> >
> > access to dn=".*,dc=ch" by * read
> > access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
>
>switch the ACLs to:
>access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
>access to dn=".*,dc=ch" by * read
>
>the first matching ACL makes the job.
>
>
>    Sebastian Dietzold
>
>--
>Sebastian Dietzold
>Content Management / Directory Services
>Institute for Medical Informatics,
>Statistics and Epidemiology (IMISE)
>University of Leipzig
>Liebigstr. 27
>04103 Leipzig
>Phone: +49 341 97 161 14
>Fax:   +49 341 97 161 30

______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________


______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________