[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access list problem


ldapsearch -h orphea -x -b "ou=goyman.com sa,dc=goyman,dc=com" -D "uid=goyman,ou=goyman.com sa,dc=goyman,dc=com" -w "*******" "(objectClass=inetOrgPerson)"

Produce the good result with or without ACL. (With ACL, I can't acces unauthorised resources as well)

But with other client (Address Book on macosx (v3), mozilla (v3 too I think)) I have empty result with acl, and good result without.

Any idea?


On Apr 27, 2004, at 3:20 PM, Ziya Suzen wrote:

Hi Nicolas,

ACL looked fine to me. I wonder what your ldapsearch options are. This
does not look like an ACL problem actually. It can even be the case
that your other LDAP clients only talks v2.

Ziya Suzen

On 2004-04-27 13:11:43 +0000, Nicolas Goy wrote:

I got only this access list in my configuration:

access  to attr=userPassword
          by self               read
          by anonymous          auth
          by *                  none

access  to dn.regex="^.*,ou=([^,]+),dc=goyman,dc=com"
        by dn.regex="^.*,ou=$1,dc=goyman,dc=com"        read
        by *                                            none

access to *
        by self read
        by users none
        by * none

It work is I use ldapsearch. But whith my ldap clients, (mozilla,
address book) I don't have any result when I do a search.

I wonder why.

What I want is to allow for example user
uid=toto,ou=ACompany,dc=goyman,dc=com will be able to read for
everything under ou=ACompany,dc=goyman,dc=com.

Best Regards


.::.:..: Celui qui appréhende le lendemain mourra idiot .:..:::