[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL : ldap_bind: Insufficient access (50)

To: openldap-software@OpenLDAP.org
Subject: ACL : ldap_bind: Insufficient access (50)
From: kader.seddak@bull.net
Date: Thu, 26 Jun 2003 16:05:40 +0200
Sensitivity:

Hello,
in my slapd.conf, i write this ACL to allow all entry to access in her self
entry :

access to *
        by self write


and when i make a search in my database with this command, i have this
error :
./ldapsearch -h "HOST" -p PORT -D "uid=lpfadmin,ou=LpfAdministrators,o=lpfroot" -W -b "uid=lpfadmin,ou=LpfAdministrators,o=lpfroot" "(objectclass=*)"
Enter LDAP Password:
ldap_bind: Insufficient access (50)


slapd debug with -d 255 :

>>> dnPrettyNormal: <uid=lpfadmin,ou=LpfAdministrators,o=lpfroot>
=> ldap_bv2dn(uid=lpfadmin,ou=LpfAdministrators,o=lpfroot,0)
<= ldap_bv2dn(uid=lpfadmin,ou=LpfAdministrators,o=lpfroot,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=lpfadmin,ou=LpfAdministrators,o=lpfroot,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=lpfadmin,ou=lpfadministrators,o=lpfroot,272)=0
<<< dnPrettyNormal: <uid=lpfadmin,ou=LpfAdministrators,o=lpfroot>, <uid=lpfadmin,ou=lpfadministrators,o=lpfroot>
do_bind: version=3 dn="uid=lpfadmin,ou=LpfAdministrators,o=lpfroot" method=128
==> bdb_bind: dn: uid=lpfadmin,ou=LpfAdministrators,o=lpfroot
bdb_dn2entry_rw("uid=lpfadmin,ou=lpfadministrators,o=lpfroot")
=> bdb_dn2id_matched( "uid=lpfadmin,ou=lpfadministrators,o=lpfroot" )
<= bdb_dn2id_matched: id=0x00000018: entry uid=lpfadmin,ou=lpfadministrators,o=lpfroot
entry_decode: "uid=lpfadmin,ou=LpfAdministrators,o=lpfroot"
<= entry_decode(uid=lpfadmin,ou=LpfAdministrators,o=lpfroot)
=> access_allowed: auth access to "uid=lpfadmin,ou=LpfAdministrators,o=lpfroot" "userPassword" requested
=> acl_get: [1] check attr userPassword
<= acl_get: [1] acl uid=lpfadmin,ou=LpfAdministrators,o=lpfroot attr: userPassword
=> acl_mask: access to entry "uid=lpfadmin,ou=LpfAdministrators,o=lpfroot", attr "userPassword" requested
=> acl_mask: to all values by "", (=n)
<= check a_dn_pat: self
<= acl_mask: no more <who> clauses, returning =n (stop)
=> access_allowed: auth access denied by =n
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=50 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=50
ber_flush: 14 bytes to sd 16

Thanks in advance

Follow-Ups:
- RE: ACL : ldap_bind: Insufficient access (50)
  - From: Francois Beretti <francois.beretti@enatel.com>

Prev by Date: ACL/ACI && SASL
Next by Date: Office XP Address Book
Index(es):
- Chronological
- Thread