[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ldap access

--On Friday, January 23, 2004 6:08 PM -0500 "Douglas B. Jones" <douglas@gpc.edu> wrote:

If I read correctly, the only change was to add 'by * break'. I tried that, first only in the dc=employee section and then in both section. I got the same results. All the searches worked as before, but the modify gave 'insufficient access(50)' (as before). I also tried adding the write acl for douglas to them, but that gave the same error. I put the write acl for douglas right before the 'by * break'. Any ideas? I appreciate the help!

Well, it is hard to say without any real log output. If you can, start slapd manually with a -d -1 option, and see what it's doing as it evaluates the ACL's. That should tell you a lot.


Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html