[Date Prev][Date Next] [Chronological] [Thread] [Top]

less access

To: OpenLDAP List <openldap-software@OpenLDAP.org>
Subject: less access
From: squeegy+ldap@squeegy.org
Date: Thu, 27 Jan 2000 09:58:02 -0500 (EST)

I am sure everyone is tired of all my access problems.  I know I am.

Here is my latest.  I can authenticate with ldapsearch and ud.  Here
is the log output: 

imap slapd[21791]: conn=51 fd=8 connection from localhost (127.0.0.1) accepted.
imap slapd[23932]: conn=51 op=0 BIND dn="MAIL=JCHIODI@AMSITE.COM,DC=AMSITE,DC=COM" method=128
imap slapd[23932]: conn=51 op=0 RESULT err=0 tag=97 nentries=0
imap slapd[23933]: conn=51 op=1 SRCH base="DC=AMSITE,DC=COM" scope=2 filter="(owner=MAIL=JCHIODI@AMSITE.COM,DC=AMSITE,DC=COM)"
imap slapd[21791]: conn=51 op=-1 fd=8 closed errno=0
imap slapd[23933]: conn=51 op=1 RESULT err=0 tag=101 nentries=1
imap slapd[23934]: conn=51 op=2 UNBIND


Now when I do a search with Netscape:

imap slapd[21791]: conn=50 fd=15 connection from unknown (208.11.81.62) accepted.
imap slapd[23924]: conn=50 op=0 BIND dn="" method=128
imap slapd[23924]: conn=50 op=0 RESULT err=0 tag=97 nentries=0
imap slapd[23925]: conn=50 op=1 SRCH base="DC=AMSITE,DC=COM" scope=2 filter="(mail=JCHIODI@AMSITE.COM)"
imap slapd[23925]: conn=50 op=1 RESULT err=0 tag=101 nentries=1
imap slapd[23926]: conn=50 op=2 BIND dn="MAIL=JCHIODI@AMSITE.COM,DC=AMSITE,DC=COM" method=128
imap slapd[23926]: conn=50 op=2 RESULT err=0 tag=97 nentries=0
imap slapd[23927]: conn=50 op=3 SRCH base="DC=AMSITE,DC=COM" scope=2 filter="(cn=*LIS*)"
imap slapd[23927]: conn=50 op=3 RESULT err=0 tag=101 nentries=4
imap slapd[21791]: conn=50 op=-1 fd=15 closed errno=104
imap slapd[23928]: conn=50 op=4 UNBIND

I am using passwords cut from /etc/shadow

here are my currect access rules:

access to attr=owner
        by * read

access to attr=entry
        by self write
        by dnattr=owner write
        by dn=".+" read
        by * read

access to attr=cn,givenName,sn,mail
        by self write
        by dnattr=owner write
        by dn=".+" read
        by * search

access to attr=uid,objectclass,creatorsname,modifiersname,createtimestamp,modifytimestamp
        by self read
        by * search

access to attr=userpassword
        by self write
        by dnattr=owner write
        by * none

access to *
        by self write
        by dnattr=owner write
        by dn=".+" read
        by * none
___________________

Jt "The Squeegy" Chiodi

http://www.squeegy.org/
squeegy@squeegy.org

Prev by Date: re: access - some success, some failure
Next by Date: lesser access
Index(es):
- Chronological
- Thread