[Date Prev][Date Next]
RE: group access "write" in OpenLDAP 2.1.4
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Michiko Nagara
> I have a question about the group access.
> I am using OpenLDAP 2.1.4 + BerkeleyDB 4.0.14.
> OS: Solaris 8, Turbolinux 7.0
> I have created the following group.
> (made reference to FAQ:
> How do I use groups as manage access contorls?)
> +--cn=fred blogs,dc=example,dc=com
> cn: administrators of this region
You need a "cn: administrators" value to match the specified DN.
> objectclass: groupOfNames
> objectclass: top
> member: cn=fred blogs,dc=example,dc=com
> member: cn=somebody else,dc=example,dc=com
> slapd.conf : the GROUP access acl
> access to *
> by group="cn=administrators,dc=example,dc=com" write
> by * auth
> When I tried to modify dn "cn=fred blogs,dc=example,dc=com",
> it works fine.
> But when I tried to search filter "(objectclass=*)", I got
> no entries.
> # extended LDIF
> # LDAPv3
> # filter: (objectclass=*)
> # requesting: ALL
> # search result
> search: 2
> result: 0 Success
> # numResponses: 1
> When I used OpenLDAP 2.1.3 with same acl as the above-mentioned,
> I could get all entries.
> Also, I changed group.c v184.108.40.206 to v220.127.116.11 in OpenLDAP 2.1.4
> and rebuilt, I could get all entries.
This is odd, since the only difference between v18.104.22.168 and v22.214.171.124 is in
the debug log statements. But there is, unfortunately, an error that was
introduced in v126.96.36.199 which was in the 2.1.4 release. The fix is in the CVS
HEAD and in v188.8.131.52, which will be in the 2.1.5 release.
> When version 2.1.4 is used, should I do anything else?
You should be able to do things exactly the same as in 2.1.3, but for this
error. Get the update and it will work.
> I apologize for the unskilled English language and long writing.
Nothing to apologize for, your post was clear.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support