[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch returns one entry

Quanah Gibson-Mount wrote:

> Well, I will note that there were changes to some of the settings in
> slapd.conf between 2.1 and 2.2 and also there were changes to how
> ACL's were formed

Thanks for the hint.  I went to "OpenLDAP Everywhere Revisited" in the
July 2005 Linux Journal and copied the access controls from there:

access to attrs=userPassword
      by dn="cn=Manager,dc=foo,dc=com" write
      by self write
      by anonymous auth
      by * none
# All other attributes are readable to everybody
access to *
      by self write
      by dn="cn=Manager,dc=foo,dc=com" write
      by * read

and all is now well.  The key thing seems to be that one needs an
explicit "access to * by * read" at OpenLDAP 2.2.  Thanks again for the
quick help!