
Re: Schema not available with restrictive ACLs

>>>>> "adp" == adp  <dap99@i-55.com> writes:

    adp> So my question all boiled down to if there was a:
    adp> access to schema by * read

/usr/bin/ldapsearch -x -LLL -h localhost -s base -b '' 'objectClass=*' subschemaSubentry
/usr/bin/ldapsearch -x -LLL -h localhost -s base -b 'cn=Subschema' 'objectClass=*' +

This will give me the schema. But then my ACLs are ok. How
about this (as a lead):

access to dn="cn=Subschema"
        by peername="IP=127\.0\.0\.1:.*" read
        by peername="IP=192\.168\.1\.4:.*" read
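
To check which clients the two peername clauses above would let read cn=Subschema, here is an added example (not part of the original message) that runs the same patterns over constructed peer strings. It assumes slapd presents the client as IP=<address>:<port> and matches the pattern as an unanchored POSIX extended regex, with grep -E standing in for that; subschema_access is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: models how the "by peername=" clauses of the ACL select clients.
# Assumptions: the peer string has the form "IP=<address>:<port>" and the
# pattern is an unanchored POSIX extended regex (grep -E stands in for slapd).

# The two patterns from the ACL, in the order they are listed.
PATTERNS='IP=127\.0\.0\.1:.*
IP=192\.168\.1\.4:.*'

# subschema_access PEERNAME -> prints the access level that peer would get.
subschema_access() {
    peer=$1
    while IFS= read -r pat; do
        # The first "by" clause whose pattern matches decides the result.
        if printf '%s\n' "$peer" | grep -Eq -- "$pat"; then
            echo read
            return 0
        fi
    done <<EOF
$PATTERNS
EOF
    # No clause matched: the implicit trailing "by * none" applies.
    echo none
}

# Constructed sample peer strings (not taken from any real log).
for p in 'IP=127.0.0.1:40112' 'IP=192.168.1.4:51234' \
         'IP=192.168.1.40:51234' 'IP=192.168.1.5:389' 'IP=10.0.0.7:6000'; do
    printf '%-24s %s\n' "$p" "$(subschema_access "$p")"
done
```

The ":" after the last octet is what keeps 192.168.1.40 from matching the 192.168.1.4 clause, and any peer that matches neither clause ends up with no access to cn=Subschema.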