[Date Prev][Date Next]
cn=config && (ACI || ACL)
- To: email@example.com
- Subject: cn=config && (ACI || ACL)
- From: Turbo Fredriksson <firstname.lastname@example.org>
- Date: Mon, 12 Feb 2007 19:29:55 +0100
- Organization: LDAP/Kerberos expert wannabe
- User-agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/20.7 (gnu/linux)
I managed to get cn=config working by following
to the letter (meaning: I had to setup a rootdn/rootpw pair
to be able to do searches).
How can this be used, _without_ using the rootdn/rootpw? I want
ordinary users to be able to search/modify 'stuff' there (eventually,
when I know exactly what it is and how to use it :).
I tried 'access to * by * write' as only ACL, but I _still_ got
'Insufficient access' whether or not I authenticated...
And running with '-d 128' shows NOTHING for anonymous access
(and only 'auth access to userPassword' when using bind DN).
Also (when on the subject of cn=config), in what way is
'cn=schema,cn=config' different from 'cn=Subschema'?
The devil is in the details, but why wasn't 'cn=Subschema'
enough? It have everything (?) that 'cn=schema,cn=config'