[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootdn and ACI

> I have an ACL like:
> access to
> dn.regex="uid=[^,]+,ou=[^,]+,ou=([^,]+),ou=People,dc=iitb,dc=ac,dc=in$"
> attrs=mailHost
>     by ... *other requesters (part omitted to maintain clarity)*
>     by anonymous    auth
>     by users        read
> Now if I bind using rootdn, I am not able to read the 'mailHost'
> attribute. My rootdn is cn=Manager,dc=iitb,dc=ac,dc=in.
> I am using OL 2.2.24. Shall I post all my ACLs ?

Honestly, I don't know how it could help, since access is not checked for
the rootdn.  I suggest you check:
1) if the data you expect to see is actually there (slapcat?)
2) if you're actually having a successful bind as rootdn (ldapwhoami?)
3) if it's an ACL problem (does it work without any ACL?)

Also, try looking at the server's output with loglevel set to 128 (ACL).


Pierangelo Masarati

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497