[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie Question --what is ldapsearch telling me?

On Thursday, 17. January 2002 21:35, Bill Gray wrote:
> I'm trying to move from a v1 openldap,  which somebody
> else set up,  to v2 on a SuSE Linux 7.3 system,  using
> the  OpenLDAP 2.0.12-Release  that comes with it.  The
> database has been primed with the same LDIF used to
> start the old v1.
>   # Added following 1 line to original from v1:
>   include         /etc/openldap/schema/core.schema
>   include         /etc/openldap/slapd.at.conf
>   include         /etc/openldap/slapd.oc.conf
>   schemacheck     off
>   sizelimit       2000


>   defaultaccess   read
>   access to attr=userpassword
>     by self write
>     by dn="cn=ldap, o=myorg, c=us" write
>     by * none


You should really read the OpenLDAP admin guide. Several things in slapd.conf 
have changed from OpenLDAP1 to OpenLDAP2, especially the schema stuff (and 
you really shouldn't use schemacheck off!!!). Another issue is that the 
defaultaccess statement is only used if you have no other access to statement 
(and you have) Another access to * by * read statement behind your fist one 
might help (not that these are really good ACLs...) 

BTW. You will still not be able to authenticate with simple authentication to 
your directory (because you need anonymous auth access to userpassword to do 
a simple auth).

Stephan Siano

Stephan Siano                           Mail:  Stephan.Siano@suse.de
SuSE Linux Solutions AG                 Phone: 06196 50951 31
Mergenthalerallee 45-47			Fax:   06196 409607
D-65760 Eschborn