Re: ACL configuration in openldap 1.2.11
I tried adding "by dn=".*" auth" and restarting slapd. It complained about
that line. I changed it to "by * auth" and it complained about that line too.
# access control list stuff
defaultaccess read
access to *
by self write
>
> Patrick Timmons <ptimmons@courriel.polymtl.ca> said:
>
> > again, it's attrs not attr.
> > Curious I didn't see the anonymous. Normally it's coded as 'by * auth' or I
> > think 'by dn=".*" auth' is equivalent but not sure.
> >
> > Joseph Hoot wrote:
> > >
> > > the logs were complaining about "by anonymous." I commented that out and it
> > > runs. However, my user can't change the password with the following:
> > >
> > > ldappasswd -t uid=jhoot,ou=people,dc=nowcom,dc=com -H md5
> > >
> > > with the below access rules, my user jhoot should be able to change his
> > > password right?
> > >
> > > Joseph Hoot <joe@networkpenguin.com> said:
> > >
> > > > I am trying to get acl stuff working in 1.2.11 and have entered a simple acl
> > > > in my /etc/openldap/slapd.conf. Here it is:
> > > >
> > > > # access control list stuff
> > > > defaultaccess read
> > > > access to attr=userPassword
> > > > by self write
> > > > by anonymous auth
> > > > by dn="cn=Admin,dc=nowcom,dc=com" write
> > > >
> > > > when I restart slapd with /etc/rc.d/init.d/ldap restart it starts and dies
> > > > immediately. Any thoughts on why it's dying?
> > > >
> > > > --
> > > > Joseph Hoot
> > > > System Administrator
> > > > http://www.networkpenguin.com
> > > > joe@networkpenguin.com