[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: group access



Hello,

You've said :
1/ >ldapsearch -L -b "ou=accounts,dc=boxhill,dc=com" -D
    >"uid=xxx,ou=accounts,dc=boxhill,dc=com" "(cn=*)".

2/  => acl_access_allowed: search access to value "any" by ""
    ><= ldbm_back_group: "" not in
"CN=ADMINDUDES,OU=ACCOUNTS,DC=BOXHILL,DC=COM":
    >member
    ><= acl_access_allowed: matched by clause #2 access denied

2/ tells you : "" not in "CN=ADMIN....." so your sign-in is "" because of
1/  lack of -W perhaps 
    -D is authenticated only with password provided so -W is needed

Eric

(---------------------------------------------------------------------)
( Eric Brehier - Service Commun Informatique     )
( Universite de Limoges - France                       )
( e-mail : eric.brehier@unilim.fr                         )
(---------------------------------------------------------------------)