[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: I can't seem to find the answer to these olcAccess questions
- To: Nick Gray <nick@graysaustin.com>
- Subject: Re: I can't seem to find the answer to these olcAccess questions
- From: Ryan Tandy <ryan@nardis.ca>
- Date: Tue, 12 Sep 2017 12:38:32 -0700
- Cc: openldap-technical@openldap.org
- Content-disposition: inline
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=MeNbDwJ1CHDEXfTEtDGI6zDn4wtD6be+AcCQZMoZfvg=; b=hR74btBmKRvmnja+ZMyquAu2XshL+atZQ9dVr4xrmwjnu66z2uEpPpgcu/x9ExG+qg xLNZoredGC09GZG5b6dQZ2CY1AH2k0WGm1bVU/zROGbNLTt6yv7WcOwdzEMQeb3CzwH0 b8z1W2IX07A4u+k5uhp9TRg5SDO7PF1o1nMoo=
- In-reply-to: <00a601d32b43$7e68d8c0$7b3a8a40$@graysaustin.com>
- Mail-followup-to: Nick Gray <nick@graysaustin.com>, openldap-technical@openldap.org
- References: <00a601d32b43$7e68d8c0$7b3a8a40$@graysaustin.com>
- User-agent: NeoMutt/20170113 (1.7.2)
On Mon, Sep 11, 2017 at 04:18:20PM -0500, Nick Gray wrote:
With this config,.shouldn't this work as well
ldapsearch -x -W -D cn=Manager,dc=local,dc=bob,dc=com -b cn=config olcDatabase=\*
The rules on your config database are:
olcAccess: {0} to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
olcAccess: {1} to * by dn="cn=Manager,dc=local,dc=bob,dc=com" manage
The first matches everything (*), so the second is never consulted.
My other question is where is there a reference to exactly what
"gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" means. I
can't seem to find one.
http://www.openldap.org/doc/admin24/sasl.html#IPC%20(ldapi%3A%2F%2F%2F)%20Identity%20Format