[Date Prev][Date Next] [Chronological] [Thread] [Top]

cross DIT/TLD rootdn - or allow a foreign rootdn

To: OpenLDAP <openldap-technical@openldap.org>
Subject: cross DIT/TLD rootdn - or allow a foreign rootdn
From: lejeczek <peljasz@yahoo.co.uk>
Date: Fri, 20 Feb 2015 15:23:46 +0000
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s2048; t=1424445827; bh=7C2k9gIsEPSWDLmcjB1jFaio0gMJlHAap9pSbr592kI=; h=Date:From:To:Subject:From:Subject; b=KEQvBuXwfaRX0kL2PCSrcQoYxWye7N422occo+/WWVzflDhR5y7CHAs9+RfgKUupThBODlIPhhmOAPemgAcEXf6tyPcVhoujCg9anuIoWZE+SJBHvm1MVFnU1qW67wKyko6NNWdQzqTqWue683mMkk8Q1valdDppu1rAr1RaIPyB7bqOwx1xxFUvkTvPkHJdPRKbd3HxbuqTUmMKY8NtwbWWbKJOYYhwo0Ey/CQbdGgkNlFWPW23Ys1Z82Y9Hz51tKi3O3AlqHa0RfnNsGSoAesvh2PMp56WyMx7LqWNDwcK3gnk+7TWXeFze2ZuqwZVbtTbwvSKJW4P1gv+xaOriQ==
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0

hi everybody

I'm just looking at the surface and still have lots toread/lean, but I thought this one should be easy toachieve/set up.

Having multiple top level domains I wanted to allow rootdnfrom other domain (say B) to have similar access rights torootdn of home domain (say A)

and i put this into config of A domain

to *  by dn="cn=manger,dc=B,dc=topdom" manage

but I get infamous:

Insufficient access (50)
    additional info: no write access to parent

Is possible what I try to do, does LDAP allow, i preparedfor such a scenario?If yes can I get some light shed on what I got wrong or didnot get at all.


many thanks.

Follow-Ups:
- Re: cross DIT/TLD rootdn - or allow a foreign rootdn
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: replica from a to b
Next by Date: Re: replica from a to b
Index(es):
- Chronological
- Thread