An accesslist problem OpenLDAP 1.2.3
With OpenLDAP v1.2.3 I have an access list problem. My slapd.conf contains:
---snip---
access to attr=userpassword
        by self write
        by dn="cn=admin, ou=person, dc=decor-metall, dc=de" write
        by * compare
access to dn="cn=*, ou=device, dc=decor-metall, dc=de"
        by self write
        by dn="cn=inventaradmin, ou=person, dc=decor-metall, dc=de" write
        by dn="cn=inventardb, ou=person, dc=decor-metall, dc=de" read
---snap---
If I try to get entries as "cn=inventardb" or "cn=inventaradmin", there is
no output.
The syslog output:
---snip---
before select active_threads 1
SRCH "OU=DEVICE,DC=DECOR-METALL,DC=DE" 2 0
0 0 0
filter: (cn=08454)
attrs:
cn
=> ldbm_back_search
entry_rdwr_rtrylock: ID: 2
entry_rdwr_runlock: ID: 2
entry_rdwr_rtrylock: ID: 167
=> access_allowed: entry (cn=08454, ou=device, dc=decor-metall, dc=de) \
attr (cn)
=> acl_get: entry (cn=08454, ou=device, dc=decor-metall, dc=de) attr (cn)
=> acl_get: edn CN=08454,OU=DEVICE,DC=DECOR-METALL,DC=DE
=> acl_get: [1] check attr cn
<= acl_get: no match
=> acl_access_allowed: search access to entry \
"cn=08454, ou=device, dc=decor-metall, dc=de"
=> acl_access_allowed: search access to value "08454" by \
"CN=INVENTARADMIN,OU=PERSON,DC=DECOR-METALL,DC=DE"
<= acl_access_allowed: denied by default (no matching to)
=> access_allowed: exit (cn=08454, ou=device, dc=decor-metall, dc=de)\
attr (cn)
entry_rdwr_runlock: ID: 167
---snap---
With my rootdn everything works fine. I checked again and again for
misspellings and wrong parameters, but found nothing.
--
Frank Matthieß
Private Frank.Matthiess@GMX.net +49-5245-4662
Company Frank.Matthiess@decor-metall.de +49-5222-286-315