[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
problem with authenticated base search for objectclass=* by netscape
Hi.
I'm running openldap 1.2.9 on a Linux 2.2.13 slackware. I'm trying to
use Netscape's address book to browse an entry in my ldap db. Netscape
finds the entry but can't browse it. Why isn't this working ? What am I
missing ?
TIA
Patrick.
Here is the acl file:
-------8<--------
defaultaccess none
access to *
attrs=mail
by dn=".*,ou=personnel,o=polymtl.ca" read
by * search
access to *
attrs=entry
by * read
access to *
by dn=".*,ou=personnel,o=polymtl.ca" read
-------8<--------
Here is the '-d 152' trace of slapd:
-------8<--------
ACL: access to dn=.*
attrs=mail
by dn=.*,OU=PERSONNEL,O=POLYMTL.CA
by dn=.*
ACL: access to dn=.*
attrs=entry
by dn=.*
ACL: access to dn=.*
by dn=.*,OU=PERSONNEL,O=POLYMTL.CA
slapd starting
listening for connections on 6, activity on:
before select active_threads 0
select activity on 1 descriptors
new connection on 7
activity on:
listening for connections on 6, activity on: 7r
before select active_threads 0
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 65 contents:
ber_dump: buf 0x80852c8, ptr 0x80852c8, end 0x8085309
current len 65, contents:
02 01 01 ` < 02 01 02 04 . c n = P a t
r i c k 20 T i m m o n s , 20 o u
= p e r s o n n e l , 20 o = p o
l y m t l . c a 80 07 h i t h e r
e
listening for connections on 6, activity on: 7r
before select active_threads 1
ber_flush: 14 bytes to sd 7
0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 156 contents:
ber_dump: buf 0x80852c8, ptr 0x80852c8, end 0x8085364
current len 156, contents:
02 01 02 c 81 96 04 0c o = p o l y m t
l . c a 0a 01 02 0a 01 00 02 01 d 02 01 00
01 01 00 a1 ; a4 11 04 02 c n 0 0b 80 09 g
r a n d m e r e a4 13 04 04 m a i l
0 0b 80 09 g r a n d m e r e a4 11 04
02 s n 0 0b 80 09 g r a n d m e r e
0 : 04 02 c n 04 04 m a i l 04 01 o 04
0f t e l e p h o n e n u m b e r
04 01 l 04 08 n i c k n a m e 04 02 s
n 04 09 g i v e n n a m e
listening for connections on 6, activity on: 7r
before select active_threads 1
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: cn
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
<= acl_get: [1] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: mail
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: sn
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
<= acl_get: [2] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: entry
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: cn
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (givenname)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: givenname
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: sn
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
<= acl_get: [1] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: mail
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
ber_flush: 166 bytes to sd 7
0 81 a3 02 01 02 d 81 9d 04 . p o l y u
n i q u e i d = a a a a a , 20 o
u = e t u d i a n t s , 20 o = p
o l y m t l . c a 0 k 0 18 04 02 c
n 1 12 04 10 C o u c o u 20 G r a n
d m e r e 0 15 04 09 g i v e n n a
m e 1 08 04 06 C o u c o u 0 11 04 02
s n 1 0b 04 09 G r a n d m e r e 0
% 04 04 m a i l 1 1d 04 1b c o u c o
u . g r a n d m e r e @ p o l y
m t l . c a
ber_flush: 14 bytes to sd 7
0 0c 02 01 02 e 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf 0x80853c8, ptr 0x80853c8, end 0x80853cd
current len 5, contents:
02 01 03 B 00
listening for connections on 6, activity on: 7r
before select active_threads 1
select activity on 1 descriptors
new connection on 7
activity on:
listening for connections on 6, activity on: 7r
before select active_threads 0
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 65 contents:
ber_dump: buf 0x8082390, ptr 0x8082390, end 0x80823d1
current len 65, contents:
02 01 01 ` < 02 01 02 04 . c n = P a t
r i c k 20 T i m m o n s , 20 o u
= p e r s o n n e l , 20 o = p o
l y m t l . c a 80 07 h i t h e r
e
listening for connections on 6, activity on: 7r
before select active_threads 1
ber_flush: 14 bytes to sd 7
0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 156 contents:
ber_dump: buf 0x80852c8, ptr 0x80852c8, end 0x8085364
current len 156, contents:
02 01 02 c 81 96 04 0c o = p o l y m t
l . c a 0a 01 02 0a 01 00 02 01 d 02 01 00
01 01 00 a1 ; a4 11 04 02 c n 0 0b 80 09 g
r a n d m e r e a4 13 04 04 m a i l
0 0b 80 09 g r a n d m e r e a4 11 04
02 s n 0 0b 80 09 g r a n d m e r e
0 : 04 02 c n 04 04 m a i l 04 01 o 04
0f t e l e p h o n e n u m b e r
04 01 l 04 08 n i c k n a m e 04 02 s
n 04 09 g i v e n n a m e
listening for connections on 6, activity on: 7r
before select active_threads 1
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: cn
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
<= acl_get: [1] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: mail
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: sn
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
<= acl_get: [2] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: entry
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (entry)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (cn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: cn
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (givenname)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: givenname
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (sn)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: sn
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (mail)
<= acl_get: [1] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: mail
=> acl_access_allowed: read access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: read access to value "any" by "CN=PATRICK TIMMONS,OU=PERSONNEL,O=POLYMTL.CA"
<= acl_access_allowed: matched by clause #1 access granted
ber_flush: 166 bytes to sd 7
0 81 a3 02 01 02 d 81 9d 04 . p o l y u
n i q u e i d = a a a a a , 20 o
u = e t u d i a n t s , 20 o = p
o l y m t l . c a 0 k 0 18 04 02 c
n 1 12 04 10 C o u c o u 20 G r a n
d m e r e 0 15 04 09 g i v e n n a
m e 1 08 04 06 C o u c o u 0 11 04 02
s n 1 0b 04 09 G r a n d m e r e 0
% 04 04 m a i l 1 1d 04 1b c o u c o
u . g r a n d m e r e @ p o l y
m t l . c a
ber_flush: 14 bytes to sd 7
0 0c 02 01 02 e 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf 0x8082390, ptr 0x8082390, end 0x8082395
current len 5, contents:
02 01 03 B 00
listening for connections on 6, activity on: 7r
before select active_threads 1
select activity on 1 descriptors
new connection on 7
activity on:
listening for connections on 6, activity on: 7r
before select active_threads 0
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 65 contents:
ber_dump: buf 0x8086d18, ptr 0x8086d18, end 0x8086d59
current len 65, contents:
02 01 01 ` < 02 01 02 04 . c n = P a t
r i c k 20 T i m m o n s , 20 o u
= p e r s o n n e l , 20 o = p o
l y m t l . c a 80 07 h i t h e r
e
listening for connections on 6, activity on: 7r
before select active_threads 1
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 83 contents:
ber_dump: buf 0x8085338, ptr 0x8085338, end 0x808538b
current len 83, contents:
02 01 02 c N 04 . p o l y u n i q u
e i d = a a a a a , 20 o u = e t
u d i a n t s , 20 o = p o l y m
t l . c a 0a 01 00 0a 01 00 02 01 00 02 01
00 01 01 00 87 0b o b j e c t c l a s
s 0 00
ber_flush: 14 bytes to sd 7
0 0c 02 01 01 a 07 0a 01 00 04 00 04 00
listening for connections on 6, activity on: 7r
before select active_threads 1
=> access_allowed: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (objectclass)
=> acl_get: entry (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (objectclass)
<= acl_get: [3] backend acl polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca attr: objectclass
=> acl_access_allowed: search access to entry "polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca"
=> acl_access_allowed: search access to value "any" by ""
<= acl_access_allowed: denied by default (no matching by)
=> access_allowed: exit (polyuniqueid=aaaaa, ou=etudiants, o=polymtl.ca) attr (objectclass)
ber_flush: 14 bytes to sd 7
0 0c 02 01 02 e 07 0a 01 00 04 00 04 00
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_dump: buf 0x8086d48, ptr 0x8086d48, end 0x8086d4d
current len 5, contents:
02 01 03 B 00
listening for connections on 6, activity on: 7r
before select active_threads 1
select activity on 1 descriptors
activity on: 7r
read activity on 7
ber_get_next
listening for connections on 6, activity on:
before select active_threads 1
select failed errno 4 (Interrupted system call)
slapd shutting down - waiting for 0 threads to terminate
slapd stopping
-------8<--------
--
P.Timmons, service informatique