
This ACL doesn't work



Hi all,
- Debian Wheezy
- OpenLDAP 2.4.31

I want a group (mk_group) to be able to write to the addressbook:

~# ldapsearch -xLLL cn=mk_group

dn: cn=mk_group,ou=Groups,dc=csr,dc=ld
gidNumber: 1001
cn: mk_group
objectClass: top
objectClass: posixGroup
memberUid: fulvio
memberUid: pinco
memberUid: pallino
memberUid: ciccio

Every memberUid exists in the branch ou=Users

~# ldapsearch -xLLL ou=addressbook

dn: ou=addressbook,dc=csr,dc=ld
ou: addressbook
objectClass: organizationalUnit
objectClass: top

The branch ou=addressbook is populated.

In the olcDatabase={1}hdb.ldif configuration file I have this row:
...
olcAccess: {0}to dn.subtree="ou=addressbook,dc=csr,dc=ld" by set="[cn=mk_group
 ,ou=Groups,dc=csr,dc=ld]/memberUid & user/uid" write by user read
....

If I try to write in the addressbook, I get this message:
.....
ldap_modify: Insufficient access (50)

What is wrong?

Many thanks.
fulvio
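
As an added illustration (not part of the original post and not OpenLDAP code), this Python model walks the `by` clauses of the ACL above for different bind identities, showing how the set `[group]/memberUid & user/uid` is evaluated. The entries under ou=Users, the guest user and the exact-string comparison of values are assumptions; the rootdn, which bypasses ACLs, is not modelled.

```python
# Constructed directory data. The group entry is taken from the post;
# the two entries under ou=Users are assumed for illustration.
GROUP_DN = "cn=mk_group,ou=Groups,dc=csr,dc=ld"
DIRECTORY = {
    GROUP_DN: {"memberUid": ["fulvio", "pinco", "pallino", "ciccio"]},
    "uid=fulvio,ou=Users,dc=csr,dc=ld": {"uid": ["fulvio"]},
    "uid=guest,ou=Users,dc=csr,dc=ld": {"uid": ["guest"]},
}


def deref(dns, attr):
    """Set operator `/attr`: collect the attr values of every DN in the set."""
    values = set()
    for dn in dns:
        values.update(DIRECTORY.get(dn, {}).get(attr, []))
    return values


def user_set(bind_dn):
    """Keyword `user`: the bound DN, or the empty set for an anonymous bind."""
    return {bind_dn} if bind_dn else set()


def access_level(bind_dn):
    """Walk the <who> clauses in order; the first one that matches decides."""
    # by set="[cn=mk_group,ou=Groups,dc=csr,dc=ld]/memberUid & user/uid" write
    members = deref({GROUP_DN}, "memberUid")
    uids = deref(user_set(bind_dn), "uid")
    if members & uids:  # a non-empty intersection matches the clause
        return "write"
    # by user read  (any authenticated identity)
    if bind_dn:
        return "read"
    # implicit trailing "by * none" that ends every access directive
    return "none"


if __name__ == "__main__":
    for who in ("uid=fulvio,ou=Users,dc=csr,dc=ld",
                "uid=guest,ou=Users,dc=csr,dc=ld",
                None):
        print(who or "(anonymous)", "->", access_level(who))
```

The set clause only yields write when the bound DN resolves to an entry whose `uid` value appears among the group's `memberUid` values; any other authenticated identity falls through to `by user read`, and an anonymous bind ends at the implicit `by * none`.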


