Problem with ACL's: can't bind as a non-root DN

Hello list,

I am a sysadmin with limited experience with LDAP, and I am having a
little issue with ACLs on an OpenLDAP server. The server has been
running for more than a year as an auth. backend for Plone. However,
recently I wanted to use the same user name/password information for
other purposes and then I ran into a problem:

I cannot bind to the server as a non-root DN.

More concrete example:

# ldapsearch -D "cn=my_own_user_id,dc=example,dc=be" -x \
    "(&(cn=editors)(uniqueMember=cn=someuser,dc=example,dc=be))" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

I'll paste the ACLs from my slapd.conf file:

access to attrs=userPassword
        by dn="cn=admin,dc=example,dc=be" write
        by anonymous auth
        by self write
#by * none
#access to dn.base="" by * read
access to *
        by dn="cn=admin,dc=example,dc=be" write
        by dn="cn=admin,dc=example,dc=be" read
        by * read

I would think that normally, "by anonymous auth" would allow any user
(inetOrgPerson) to bind to the server? Can anyone help?

Thanks in advance.

Frank Van Damme

"All PCs are compatible. But some of them are more compatible than
others." [Unknown]
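
Added example, not part of the original post: a simplified Python model of slapd's first-match ACL evaluation, run over the ACL block quoted above to show which access level each kind of client gets on userPassword. The function names are hypothetical, only `*` and `attrs=` targets are modelled, and `dn="..."` is assumed to be an exact, case-sensitive match.

```python
import re

# ACL block from the post, laid out one clause per line (constructed layout).
SLAPD_ACL = '''\
access to attrs=userPassword
        by dn="cn=admin,dc=example,dc=be" write
        by anonymous auth
        by self write
#by * none
#access to dn.base="" by * read
access to *
        by dn="cn=admin,dc=example,dc=be" write
        by dn="cn=admin,dc=example,dc=be" read
        by * read
'''

def parse_acl(text):
    """Return [(what, [(who, level), ...]), ...] in file order."""
    logical = []
    for line in text.splitlines():
        if line[:1] in (" ", "\t") and logical:
            logical[-1] += " " + line.strip()  # leading whitespace continues a line
        elif line.strip():
            logical.append(line.strip())
    rules = []
    for line in logical:  # comment lines start with '#' and never match
        m = re.match(r"access\s+to\s+(\S+)\s+(.*)", line)
        if m:
            rules.append((m.group(1), re.findall(r"by\s+(\S+)\s+(\w+)", m.group(2))))
    return rules

def access_for(rules, bound_dn, entry_dn, attr):
    """First matching <what>, then first matching <who>; bound_dn None = anonymous."""
    for what, clauses in rules:
        attrs = what.lower().partition("attrs=")[2].split(",")
        if what != "*" and attr.lower() not in attrs:
            continue  # only "*" and "attrs=" targets are modelled
        for who, level in clauses:
            if (who == "*" or (who == "anonymous" and bound_dn is None)
                    or (who == "users" and bound_dn is not None)
                    or (who == "self" and bound_dn == entry_dn)
                    or who == 'dn="%s"' % bound_dn):
                return level
        return "none"  # implicit "by * none" closing each access directive
    return "none"      # implicit final "access to * by * none"

if __name__ == "__main__":
    user = "cn=my_own_user_id,dc=example,dc=be"
    for who in (None, user, "cn=someuser,dc=example,dc=be"):
        print(who, "->", access_for(parse_acl(SLAPD_ACL), who, user, "userPassword"))
```

In this model the unauthenticated client that is in the middle of a simple bind is the `None` case, and it is the `by anonymous auth` clause that answers it.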