
Re: acl_mask: no more <who> clauses, returning =n (stop)



> The above message is returned whenever I try to authenticate from a RH
> Linux 7.2 client to openldap 2.0.18 on RH Linux 7.2 Server.
> 
> My acl is as follows:
> 
> defaultaccess read
> access to *
> 	by dn="cn=Manager,dc=blaue-elise,dc=net" write

This rule catches EVERYTHING

> access to attr=uid,uidNumber,gidNumber,userPassword,shadowPassword
> 	by dn="cn=Manager,dc=blaue-elise,dc=net" write
> 	by self write
> 	by * auth
> 	by anonymous auth

This is never reached

Check the FAQ on how to write ACL rules.

Pierangelo
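
The reply above turns on slapd's first-match evaluation: the first `access to` clause whose target matches is the only one consulted, and running out of `by` clauses means no access. The sketch below is an added example, not part of the original message and not OpenLDAP code. It is a simplified model covering only the `<what>` and `<who>` forms in the quoted ACL, and the `REORDERED` list and sample entry DN are hypothetical.

```python
# Simplified model of slapd ACL evaluation (added example, not OpenLDAP code).
# DNs are compared as exact strings here; real slapd normalizes them first.
LEVELS = ["none", "auth", "compare", "search", "read", "write"]
MANAGER = "cn=Manager,dc=blaue-elise,dc=net"
SENSITIVE = {"uid", "uidNumber", "gidNumber", "userPassword", "shadowPassword"}
ENTRY = "uid=jdoe,ou=People,dc=blaue-elise,dc=net"  # constructed sample entry DN

# Each rule is (attribute set, or None for "to *", [(who, level), ...]).
ORIGINAL = [  # order as quoted in the message
    (None, [(MANAGER, "write")]),
    (SENSITIVE, [(MANAGER, "write"), ("self", "write"),
                 ("*", "auth"), ("anonymous", "auth")]),
]
REORDERED = [  # hypothetical fix: specific rule first, catch-all last
    (SENSITIVE, [(MANAGER, "write"), ("self", "write"), ("*", "auth")]),
    (None, [(MANAGER, "write"), ("*", "read")]),
]

def who_matches(who, bind_dn, entry_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "self":
        return bind_dn is not None and bind_dn == entry_dn
    return bind_dn == who  # literal dn="..."

def granted(acl, attr, bind_dn, entry_dn):
    """Return (index of the rule that decided, access level granted)."""
    for i, (attrs, by_clauses) in enumerate(acl):
        if attrs is not None and attr not in attrs:
            continue
        # First matching <what> wins; later rules are never consulted.
        for who, level in by_clauses:
            if who_matches(who, bind_dn, entry_dn):
                return i, level
        # No more <who> clauses: implicit "by * none", the "=n (stop)" logged.
        return i, "none"
    return None, "none"  # unreachable here: both lists contain "to *"

def allows(acl, attr, bind_dn, entry_dn, wanted):
    _, level = granted(acl, attr, bind_dn, entry_dn)
    return LEVELS.index(level) >= LEVELS.index(wanted)
```

With `ORIGINAL`, an anonymous bind that needs `auth` on `userPassword` is decided by rule 0 and denied; with `REORDERED` the attribute rule decides and grants `auth`.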