[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: defaultsearchbase

--On Friday, December 23, 2005 12:33 PM -0500 Robert Fitzpatrick <lists@webtent.net> wrote:

I have my defaultsearchbase set in 2.2.29 to my top level of
'dc=webtent,dcnet', but no client can acccess my entries unless they
have the base set. I just install phpldapadmin and it says 'Could not
determine the root of your LDAP tree. It appears that the LDAP server
has been configured to not reveal its root'.  I assume this has to do
with my access list, but I have this at the end of the list?

access to *
	by sockurl.regex="^ldapi://%2fvar%2frun%2fopenldap%2fldapi/$" write
	by group.exact="cn=Administrators,dc=webtent,dc=net" write
	by self write
	by * read

What else could cause the default not to work?

For phpldapadmin, it is probably looking for the rootDSE to be exposed.

Also recall that ACL's are applied in the order listed, and stop at the first matching ACL, so if the clients match an ACL before your "*" ACL, it will never be applied.


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html