[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch strange output

To: JDC <jdc@sbtechnique.ch>
Subject: Re: ldapsearch strange output
From: Ziya Suzen <ziya@ripe.net>
Date: Wed, 11 Jun 2003 21:27:39 +0200
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <200306111619.h5BGJSfl007541@lanserver2.intra.sbtechnique.ch>
References: <200306111619.h5BGJSfl007541@lanserver2.intra.sbtechnique.ch>
User-agent: Mutt/1.4.1i

On 2003-06-11 18:18:45 +0000, JDC wrote:
> 
> 
> end
> latest ldapsearch+sasl+digestmd5+bdb lists pwd content:
> 
> i.e
> 
> I'm a complete novice but does anybody ever received
> such a result that when running ldapsearch -U admin@(FQDN) '(objectClass=*)' *
> the requesting part of the output is a listing of all files in the pwd?
> sorry the line may not be quiet correct but this is it basicly.
> 
> I compiled the latetest sources of SleepyCat openldap and cyrus-sasl on a
> redhat7.2. I'm using ldapnavigator and like users to authenticate.
> 
> thks for any hint

Do you have any ACLs in your config?

You should have something like this in your slapd.conf:

access to attr=userPassword
          by self write
          by anonymous auth
          by dn.base="cn=Admin,dc=example,dc=com" write
          by * none

You can make it global or database specific, whether its placed before
all the database directives or after a database directive
respectively.

Please see slapd.access(5) man page;
 http://www.openldap.org/software/man.cgi?query=slapd.access
  and
 http://www.openldap.org/doc/admin21/slapdconfig.html#Access%20Control

I don't know how you can do it with ldapnavigator but its project page
claims to have an 'ACL wizard'. You might want to try your luck with
that (don't complain to me if it does not work or you can't get it to
work).

Ziya.

> 
> end

References:
- ldapsearch strange output
  - From: JDC <jdc@sbtechnique.ch>

Prev by Date: Building a private backend
Next by Date: patch for OpenLDAP search timeout
Index(es):
- Chronological
- Thread