[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for PGP - WAS:Re: Storing Special German Characters in OpenLDAP as PGP -Directory



Hi!

If you try :

access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
access to dn=".*,dc=ch" by * read
access to * by * read

to send a key you get the error: no write access to parent
But don't I give write access to parent with the first line? This is crazy!!!

Alejandra


At 16:56 04.01.2002 +0100, you wrote:
Hi!

try this, if you only want to search for keys:
access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
access to dn=".*,dc=ch" by * read
---> access to * by * read  <----


The third line has to be
     access to * by * write !!!
if you want to send keys to the server.

I'm wondering why the third line is neccesary. What does the ##$#-Client try and
where?

Greets,
Joachim





Alejandra Moreno <alejandra.moreno@atrete.ch> am 04.01.2002 16:12:39


An:   openldap-software@OpenLDAP.org
Kopie:     (Blindkopie: Joachim Koch/Login/DE/MLP)

Thema:    Re: Storing Special German Characters in OpenLDAP as PGP   -Directory
      [Virus checked (@MLP)]  [Virus checked]



Hi!

I also tried that, and still didn't work. It's driving me nuts!!!!

At 15:35 04.01.2002 +0100, you wrote:
>quote Alejandra Moreno (4.1.2002):
>
> > If you get some feed back from NAI, just tell me!
> > You were write about the access permission, the following syntax wont work:
> >
> > access to dn=".*,dc=ch" by * read
> > access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
>
>switch the ACLs to:
>access to dn=".*,o=PGP Keys,dc=atrete,dc=ch" by * write
>access to dn=".*,dc=ch" by * read
>
>the first matching ACL makes the job.
>
>
>    Sebastian Dietzold
>
>--
>Sebastian Dietzold
>Content Management / Directory Services
>Institute for Medical Informatics,
>Statistics and Epidemiology (IMISE)
>University of Leipzig
>Liebigstr. 27
>04103 Leipzig
>Phone: +49 341 97 161 14
>Fax:   +49 341 97 161 30

______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________


______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________

______________________________________________________________________
Alejandra Moreno Espinar
at rete ag

mailto:alejandra.moreno@atrete.ch, http://www.atrete.ch
snail mail: Oberdorfstrasse 2, P.O. Box 674, 8024 Zurich, Switzerland
voice: +41-1-266 55 55, direct: +41-1-266 55 91, fax: +41-1-266 55 88
_____________________________________________________________________