Re: ACL Problem

[Selcuk Yazar <selcuk.yazar@gmail.com>]

My problem is about Redhat :(

if I wantto apply slapd.conf changes, i must run

/bin/rm -rf /etc/openldap/slapd.d/*

/usr/sbin/slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d

/bin/chown -R ldap:ldap /etc/openldap/slapd.d

/bin/chmod -R 000 /etc/openldap/slapd.d

/bin/chmod -R u+rwX /etc/openldap/slapd.d

commands 

after that my config is running.

thank you.

selcuk 

On Thu, Dec 22, 2011 at 2:10 PM, Dieter Klünter <dieter@dkluenter.de> wrote:

Am Wed, 21 Dec 2011 13:47:11 +0200
schrieb Selcuk Yazar <selcuk.yazar@gmail.com>:

> Hi,
>
> Ok
>
> my rule is
> access to
> dn.regex="^mail=([^,]+),ou=([^,]+),jvd=([^,]+),o=hosting,dc=myhosting,dc=example$"
>             attrs=userPassword
>             by
> dn.exact="mail=$1,ou=$2,jvd=$3,o=hosting,dc=myhosting,dc=example"
> write by
> dn.exact,expand="mail=$1,ou=$2,jvd=$3,o=hosting,dc=myhosting,dc=example"
> read
>             by dn="cn=Manager,dc=myhosting,dc=example" write
>             by users none
>             by * none
>
> this doesn't work , users can't change their own password.

run slapacl(8) to test your access rules, or just run slapd with -dacl
this will show you slapd parsing your access rules.

-Dieter

--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E

--
Selçuk YAZAR
http://www.selcukyazar.blogspot.com