[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie: ACL issue (I think)

To: Alan Brown <alan@kenamea.com>
Subject: Re: Newbie: ACL issue (I think)
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Tue, 08 Jan 2002 19:05:53 +0100
Cc: openldap-software@OpenLDAP.org
Organization: Dipartimento di Ingegneria Aerospaziale
References: <D880FFC9CFDBA84FA13E9B166D06A1230100632B@daedalus.kenamea.com>

Alan Brown wrote:
> 
> I'm trying to access an LDAP server through sonicMQ.  I've built the
> world's simplest slapd.conf file to enable all access to all people, yet
> I'm still getting an Insufficient Access Rights message.  My slapd.conf
> file contains the following lines...
> 
> defaultaccess=write
> access to * by * read
> access to * by * write
> access to * by * search

this is not correct, because the first
acl catches everybody and the others 
are not triggered. Note that read implies 
search but not write. If you use

access to * by * write

alone then you get what you desire (which 
is a poor ACL policy, I presume).

Pierangelo


-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati

References:
- Newbie: ACL issue (I think)
  - From: "Alan Brown" <alan@kenamea.com>

Prev by Date: Newbie: ACL issue (I think)
Next by Date: Netscape roaming and openldap
Index(es):
- Chronological
- Thread