
Re: ldapsearch returns one entry



Quanah Gibson-Mount wrote:

> Well, I will note that there were changes to some of the settings in
> slapd.conf between 2.1 and 2.2 and also there were changes to how
> ACLs were formed

Thanks for the hint.  I went to "OpenLDAP Everywhere Revisited" in the
July 2005 Linux Journal and copied the access controls from there:

access to attrs=userPassword
      by dn="cn=Manager,dc=foo,dc=com" write
      by self write
      by anonymous auth
      by * none
# All other attributes are readable to everybody
access to *
      by self write
      by dn="cn=Manager,dc=foo,dc=com" write
      by * read


and all is now well.  The key thing seems to be that one needs an
explicit "access to * by * read" at OpenLDAP 2.2.  Thanks again for the
quick help!
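
Added example (not part of the original post, and not OpenLDAP's own code): a simplified Python model of slapd's first-match ACL evaluation, run over the ACL quoted above. It assumes plain case-insensitive DN comparison and a constructed user DN, and it shows the implicit "access to * by * none" that closes the list once any access directive is configured, which is why dropping the second clause hides ordinary attributes from anonymous searches.

```python
# Simplified model of slapd first-match ACL evaluation (added example, not OpenLDAP code).
LEVELS = ["none", "auth", "compare", "search", "read", "write"]
MANAGER = 'dn="cn=Manager,dc=foo,dc=com"'
ALICE = "uid=alice,ou=people,dc=foo,dc=com"  # constructed sample DN

# The ACL from the post: ordered (what, [(who, level), ...]) clauses.
POSTED_ACL = [
    ("attrs=userPassword",
     [(MANAGER, "write"), ("self", "write"), ("anonymous", "auth"), ("*", "none")]),
    ("*", [("self", "write"), (MANAGER, "write"), ("*", "read")]),
]

def what_matches(what, attr):
    """True if the <what> part of a clause covers this attribute."""
    if what == "*":
        return True
    if what.startswith("attrs="):
        return attr.lower() in [a.lower() for a in what[6:].split(",")]
    return False

def who_matches(who, requester, target):
    """True if the <who> part covers the requester (None means anonymous)."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if requester is None:
        return False
    if who == "self":
        return requester.lower() == target.lower()
    if who.startswith("dn="):
        return requester.lower() == who[3:].strip('"').lower()
    return False

def granted(acl, requester, target, attr):
    """Access level the ACL gives requester on attr of the target entry."""
    for what, by_list in acl:
        if what_matches(what, attr):          # first matching clause wins
            for who, level in by_list:
                if who_matches(who, requester, target):
                    return level              # first matching "by" wins
            return "none"                     # implicit "by * none"
    return "none"                             # implicit "access to * by * none"

if __name__ == "__main__":
    for label, acl in (("both clauses", POSTED_ACL), ("first clause only", POSTED_ACL[:1])):
        for who in (None, ALICE):
            for attr in ("cn", "userPassword"):
                print(f"{label:18} {who or 'anonymous':34} {attr:13} {granted(acl, who, ALICE, attr)}")
```

Clause order matters in this model as in slapd: the userPassword clause has to come before "access to *", otherwise the catch-all would match first and grant read on the password attribute.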