[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with ACL in 2.4.22

To: openldap-technical@openldap.org
Subject: Re: Problem with ACL in 2.4.22
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Tue, 28 Dec 2010 16:45:43 +0100
In-reply-to: <4D19FD25.7010100@eurobjects.com>
Organization: AVCI
References: <4D19FD25.7010100@eurobjects.com>

Am Tue, 28 Dec 2010 17:07:17 +0200
schrieb Nick Milas <nick@eurobjects.com>:

> Hi,
> 
> I have upgraded from 2.3.43 to 2.4.22 on CentOS 5.5.
> 
> Everything works fine, except my ACLs don't work on the new version. 
> Strange results occur.
> 
> Has anything changed significantly in v2.4 ACLs in comparison to v2.3
> ACLs?
> 
> For example, the following piece of code works as expected in v2.3
> but not in v2.4. If some user logs in and is a member of a
> GroupXAdmins (where X = 1-6), he can't see the branch at all.
> 
> # Allow access to entries of the subtree
> #
> access to dn.sub="dc=12.11.10.in-addr.arpa,ou=dns1,dc=example,dc=com" 
> attrs="children,entry"
>          by group.exact="cn=Group1Admins,ou=Groups,dc=example,dc=com"
[...]

> 
> Please, help.

Run slapd(8) in debugging mode, -d acl would do. 

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E

References:
- Problem with ACL in 2.4.22
  - From: Nick Milas <nick@eurobjects.com>

Prev by Date: Problem with ACL in 2.4.22
Next by Date: Re: Problem with ACL in 2.4.22
Index(es):
- Chronological
- Thread