[Date Prev][Date Next] [Chronological] [Thread] [Top]

Some children only viewable by root user?

To: openldap-software@OpenLDAP.org
Subject: Some children only viewable by root user?
From: Brandon Hume - OpenLDAP list <hume-ol@Den.BOFH.Halifax.NS.Ca>
Date: Tue, 2 Dec 2003 19:04:55 -0400 (AST)

I've got a very odd problem here.  I've got a list of entries under
"ou=Departments,dc=dal,dc=ca", each one being a department at our 'o'.
Problem is, not all of the them show up when doing a query like the following:

    ldapsearch -x -b 'ou=departments,dc=dal,dc=ca' -s sub '(ou=*)'

However, they DO show up if I bind as the root user.  They also show up if
I do a slightly more specific search, like '(ou=N*)', or specifically set
-b to their DN.

Thinking this might be an ACL issue, I tried using this ACL, and ONLY this
ACL:

	access to * by * write

Still no luck.

I've run slapd -d128, and the main difference seems to be that as anonymous,
I get a lot of:

	access_allowed: no res from state (objectClass)

... when as rootDN I don't.

Anyone know where to go from here?  This is OpenLDAP 2.1.21.

Follow-Ups:
- Re: Some children only viewable by root user?
  - From: Ace Suares <ace@suares.nl>
- Re: Some children only viewable by root user?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: [JunkMail] Re: authentication with ldap
Next by Date: Re: Some children only viewable by root user?
Index(es):
- Chronological
- Thread