[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with ACLs

To: Bill Bradford <mrbill@mrbill.net>, openldap-technical@openldap.org
Subject: Re: Problem with ACLs
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Fri, 31 Aug 2018 11:08:14 -0700
Content-disposition: inline
In-reply-to: <20180831175955.GZ12349@mrbill.net>
References: <20180830191722.GW12349@mrbill.net> <E009113EDD4EB6618A1655B1@[192.168.1.10]> <20180831175955.GZ12349@mrbill.net>

--On Friday, August 31, 2018 1:59 PM -0500 Bill Bradford<mrbill@mrbill.net> wrote:

I'll fix that.  but this user (rootDN) has the required privs and
already works fine so far for a couple of years now.


ACLs never apply to the rootdn.  This is clearly documented in the man page.

 by dn.exact="uid=romanager,ou=Users,dc=domain,dc=com" read

Are you sure this is the DN returned by ldapwhoami?


I'm not logging in to a Linux box as this user; I'm using this DN as
credentials (in Apache Directory Studio, ldapsearch, etc) and connecting
just fine - just not with the ability to read other user's passwords.


This has nothing to do with logging into a linux box.

--Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- Problem with ACLs
  - From: Bill Bradford <mrbill@mrbill.net>
- Re: Problem with ACLs
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Problem with ACLs
  - From: Bill Bradford <mrbill@mrbill.net>

Prev by Date: Re: Problem with ACLs
Next by Date: Re: Problem with ACLs
Index(es):
- Chronological
- Thread