[Date Prev][Date Next] [Chronological] [Thread] [Top]

re: access - some success, some failure



Thank you to Kurt, David and everyone else that has helped.  I really
appreciate it.

I have part of my slapd.conf at the end of this message 

Thing that work:

No-one can search anonymously - excelent
I can login and search from Netscape - most excelent

Things that don't:

When I get my search results back from Netscape, I select a
record to display it fully and I get "Not found" from Netscape.  
Why am I getting search results but can't display the entire record?
When I do a search with ldapsearch, i am getting the entire record.

When i try to change a password with ldappasswd like so:

ldappasswd -D "cn=JT Chiodi,ou=Employee,dc=amsite,dc=com" -b "dc=amsite,dc=com"

I get:

New password: 
Re-enter new password: 
ldap_modify: Insufficient access

Shouldn't I be able to change my ldappasswd with my current access?

Can i use the passwd field from the /etc/shadow file on a Red Hat 6.1
system instead of ldappasswd to have encrypted passwords?  I remember
reading somewhere that this was possible for the root password in the
slapd.conf.  Is it possible in the directory itself?

slapd.cof - access section
##########################################################################

access to attr=owner
        by dnattr=owner write
        by * read

access to attr=entry
        by self write
        by dnattr=owner write
        by dn=".+" read
        by * read

access to attr=cn,givenName,sn,uid,mail
        by self write
        by dnattr=owner write
        by dn=".+" read
        by * search

access to attr=userpassword
        by self write
        by dnattr=owner write
        by * none

access to *       
	by self write
        by dnattr=owner write
        by dn=".+" read
        by * none

index cn,sn,uid,mail
index objectclass pres,eq
index default none



___________________

Jt "The Squeegy" Chiodi

http://www.squeegy.org/
squeegy@squeegy.org