Placed At : MAATDLN
12/01/2002 10:09 AM
I'm trying to set up an address book on OpenLDAP in such a way that only the user
can see his own address book. I have a few doubts regarding this after making a
few valiant attempts to set it up myself. I hope someone can help me with
These are the steps I have followed in setting it up.
I have given the LDIFs below.
This is the LDIF I have ported for a user kannan
Now this user Kannan has a few names in his address book.
An example of a name for user kannan will be the LDIF given below.
Now when I have no ACLs specified, everything works fine and
everybody can view the entire address book. I want to authenticate this user
kannan to view only his address book, so I give the following entries in the
access to dn="uid=*,o=addressroot" by anonymous auth
access to dn="uid=*,o=addressroot" by * read
When I do an ldapsearch I get insufficient_access. The password I had given is
correct, and I run slapd in full debug mode but am not getting a readable
error, except for a few error codes which I understand get thrown when there is
insufficient access. Can anyone tell me if there is something wrong in the way my
data has been created or there is something wrong with the ACL itself?
I have also tried
access to dn="uid=*,o=addressroot" by users read
I get the same result.
I hope somebody can help me out in this.