[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: group access

To: "Joe Sabu" <Joe.Sabu@dothill.com>, <openldap-software@OpenLDAP.org>
Subject: Re: group access
From: Eric Bréhier - SCI <eric.brehier@unilim.fr>
Date: Tue, 07 Dec 1999 09:02:55 +0100

Hello,

You've said :
1/ >ldapsearch -L -b "ou=accounts,dc=boxhill,dc=com" -D
    >"uid=xxx,ou=accounts,dc=boxhill,dc=com" "(cn=*)".

2/  => acl_access_allowed: search access to value "any" by ""
    ><= ldbm_back_group: "" not in
"CN=ADMINDUDES,OU=ACCOUNTS,DC=BOXHILL,DC=COM":
    >member
    ><= acl_access_allowed: matched by clause #2 access denied

2/ tells you : "" not in "CN=ADMIN....." so your sign-in is "" because of
1/  lack of -W perhaps 
    -D is authenticated only with password provided so -W is needed

Eric

(---------------------------------------------------------------------)
( Eric Brehier - Service Commun Informatique     )
( Universite de Limoges - France                       )
( e-mail : eric.brehier@unilim.fr                         )
(---------------------------------------------------------------------)

Follow-Ups:
- Re: group access
  - From: "Joe Sabu" <Joe.Sabu@dothill.com>

Prev by Date: Re: encrypt the userpassword
Next by Date: Still Group access problems...
Index(es):
- Chronological
- Thread