[Date Prev][Date Next]
2.4.6 ACLs and Extented Operations
- To: openldap-software@OpenLDAP.org
- Subject: 2.4.6 ACLs and Extented Operations
- From: "Gavin Henry" <ghenry@OpenLDAP.org>
- Date: Thu, 1 Nov 2007 14:44:59 -0000 (GMT)
- Importance: Normal
- Openpgp: id=796B1E87DB73BEA8
- User-agent: SquirrelMail/1.4.11-1.fc8
It this a bad ACL?:
access to dn="ou=Users,dc=suretecsystems,dc=com"
by self write
by users read
by anonymous auth
This was working fine on 2.3.39, but after an upgrade last night "getent
passwd" stopped working with error 50.
I can supply the full ACL and some sample data when I get a change.
But with loglevel 128, it looked like with was seeing "by auth" and not
"by anonymous auth"
Now, when we browse our Samba PDC that worked fine on 2.3.39, we are seeing:
conn=63 fd=32 ACCEPT from IP=X.X.X.X:39211 (IP=0.0.0.0:389)
conn=63 op=0 EXT oid=184.108.40.206.4.1.1466.20037
conn=63 op=0 do_extended: unsupported operation "220.127.116.11.4.1.1466.20037"
conn=63 op=0 RESULT tag=120 err=2 text=unsupported extended operation
and it goes very slowly.
I'll obvoiusly doc this up in our migration section later.
OpenLDAP Engineering Team.
Community developed LDAP software.