Configuration of Single user causes

[Alexander Hartner <alex@j2anywhere.com>]

Thanks for all you help so far. I got quite a bit further.

This is my slapd.conf file

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/samba.schema
include         /etc/openldap/schema/apple.schema
include         /etc/openldap/schema/netinfo.schema

access to dn.subtree="o=j2anywhere,c=uk"
by dn.base="cn=addressbook,o=j2anywhere,c=uk" write
by * auth

pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args
allows          bind_v2
schemacheck     off
database        bdb
suffix          "o=j2anywhere,c=uk"
rootdn          "cn=ldapadmin,o=j2anywhere,c=uk"
rootpw          {SSHA}IcOR4sPEa52fanHppctqrP2Wiodd2+Df
directory       /var/db/openldap/addressbook-data
index           objectClass eq

And I am able to access my directory as follows :

ldapsearch -D "cn=addressbook,o=j2anywhere,c=uk"  -w password -x  -b  
"ou=people,o=j2anywhere,c=uk" sn=...

However if i change my configuration to

access to dn.subtree="ou=people,o=j2anywhere,c=uk"
by dn.base="cn=addressbook,o=j2anywhere,c=uk" write
by * auth

I get an error

ldapsearch -D "cn=addressbook,o=j2anywhere,c=uk"  -w password -x  -b  
"ou=people,o=j2anywhere,c=uk" sn=Tom
ldap_bind: Insufficient access (50)

Now I am getting confused. I am specifying the DN to which I want to  
give access and it's children with dn.subtree. I had a look at the FAQ,
http://www.openldap.org/faq/data/cache/55.html and http:// 
www.openldap.org/faq/data/cache/171.html.

Thanks
Alex