[Date Prev][Date Next] [Chronological] [Thread] [Top]

newbie question

To: openldap-software@OpenLDAP.org
Subject: newbie question
From: Chakravarthy Cuddapah <chakravarthy@mac.com>
Date: Tue, 25 Nov 2003 07:09:00 -0800

Suggested solutions did not work. I will give all details:
>From slapd.conf:
access to dn="o=my_org"
        by * write
        by * read

suffix   "o=my_org"
rootdn   "cn=admin,o=Keerthana Technologies"
rootpw   admin_password

I added entries to LDAP using:
ldapadd -f entries.ldif -x -D "cn=admin,o=my_org" -w admin_password

I do a search on 
ldapsearch -x -b 'o=my_org'  '(objectclass=*)'

All entries are listed. 

I want to restrict access to users only and changed access to:
access to dn="o=my_org"
          by users write
          by anonymous auth
          by * none

Now I do a search and nothing is listed. What should be the search parm with this change ?

Appreciate any help.

 
On Tuesday, November 25, 2003, at 04:36AM, Mavric Domen ITWEN5 <d.mavric@iskratel.si> wrote:

>Hi!
>You should bind as an existing user from your ldap tree (eg. cn=user1,ou=users,dc=mydomain,dc=com), with basename (-b option in ldapsearch)  "dc=mydomain,dc=com" or use default suffix from your slapd.conf.
>BR,
>Domen
>
>-----Original Message-----
>From: Chakravarthy Cuddapah [mailto:chakravarthy@mac.com]
>Sent: Tuesday, November 25, 2003 12:22 PM
>To: openldap-software@OpenLDAP.org
>Subject: newbie question
>
>
>None showed up when I used this.
> 
>On Monday, November 24, 2003, at 10:26PM, Mavric Domen ITWEN5 <d.mavric@iskratel.si> wrote:
>
>>Hi!
>>
>>Maybe this will help:
>>
>>access to dn="dc=mydomain,dc=com"
>>        by users write
>>        by anonymous auth
>>        by * none
>>
>>Users will have all permissions under "dc=mydomain,dc=com" suffix, anonymous users must authenticate themselves, access is denied to all the others.
>>BR,
>>Domen
>>
>>-----Original Message-----
>>From: Chakravarthy Cuddapah [mailto:chakravarthy@mac.com]
>>Sent: Tuesday, November 25, 2003 3:21 AM
>>To: openldap-software@OpenLDAP.org
>>Subject: newbie question
>>
>>
>>I am having this in slapd.conf
>>access to dn="dc=mydomain,dc=com"
>>        by * read
>>        by * write
>>
>>I want to restrict read and write access to the users only. Can anyone pls tell me how to change this.
>>
>>Thanks !
>>
>>
>>
>>
>
>

Follow-Ups:
- Re: newbie question
  - From: Dieter Kluenter <dieter@dkluenter.de>

Prev by Date: Re: A question about search bases.
Next by Date: Re: Authenticationg only on port 636
Index(es):
- Chronological
- Thread