[Date Prev][Date Next]
RE: ldap access
--On Friday, January 23, 2004 6:08 PM -0500 "Douglas B. Jones"
If I read correctly, the only change was to add 'by * break'. I
tried that, first only in the dc=employee section and then in
both section. I got the same results. All the searches worked
as before, but the modify gave 'insufficient access(50)' (as
before). I also tried adding the write acl for douglas to them,
but that gave the same error. I put the write acl for douglas
right before the 'by * break'. Any ideas? I appreciate the help!
Well, it is hard to say without any real log output. If you can, start
slapd manually with a -d -1 option, and see what it's doing as it evaluates
the ACL's. That should tell you a lot.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html