[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: database monitor



So what should be the rules for monitor database?
I don't want my users looking up in my openldap server status.
May you provide rules for the monitor database?

Thanks

On Tue, Jul 5, 2011 at 6:03 PM,  <masarati@aero.polimi.it> wrote:
>> I have configured database monitor and setted two access rules in its
>> context. By the log messages below keep annoying me:
>>
>> /etc/openldap/slapd.conf: line 110: warning: cannot assess the
>> validity of the ACL scope within backend naming context
>> Backend ACL: access to dn.subtree="cn=monitor"
>>         by dn.base="cn=oldap,dc=ufv,dc=br" read
>>         by * none
>>
>> Backend ACL: access to *
>>         by * none
>
> Remove this rule.  It's pleonastic (never used) because, as the message
> says, it's outside the naming context.  All data within the naming scope
> is intercepted by the previous rule.
>
> p.
>
>> /etc/openldap/slapd.conf: line 123: warning: cannot assess the
>> validity of the ACL scope within backend naming context
>> Backend ACL: access to *
>>         by * none
>>
>> config_back_db_open: line 0: warning: cannot assess the validity of
>> the ACL scope within backend naming context
>> slapd starting
>>
>>
>> How may i "fix" that. (Altough i used the word "fix", i know it is not
>> a error message).
>>
>> Thanks in advance
>>
>>
>
>
>