[Date Prev][Date Next] [Chronological] [Thread] [Top]

replace: olcAccess


With help from various generous people on this list, I am finishing up
with my project. Among other things, I need to perform a
non-interactive OpenLDAP configuration.

I install the server with apptitude and have LDIFs to change the root
password and suffix. However, it seems that I still need to correctly
adjust olcAccess so my searches work.

The olcAccess is the part that is not working as I expected. My LDIF
runs just fine changing the name, and domain suffix. Yet, after the
operation is complete, ldapsearch(1) start returning errors. When the
suffix was nodomain [default left by the install] searches worked.
Please advise. The LDIF is below:

dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
dn="cn=admin,dc=example,dc=com" write by anonymous auth by self write
by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=com"
write by * read

dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=com

dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=admin,dc=example,dc=com

I don't see any errors. Nothing throws me off when I run slapcat(8).
Please advise.

Thank you,

Igor Shmukler