ACL Problem
Hi,
I'm using OpenLDAP 1.2.x. I want to grant some users super-user-like
privileges. So, I created a DN - "cn=Directory
Administrators,ou=Group,o=SJNS,c=CN", which contains the userids of the proper
users.
dn: cn=Directory Administrators, ou=Group, o=SJNS, c=CN
memberuid: usr1
memberuid: usr2
memberuid: usr3
objectclass: posixGroup
objectclass: top
cn: Directory Administrators
And I have these ACLs in the slapd.conf file.
#################################################################
defaultaccess read
access to attr=userpassword,sn,maildrop
        by self write
        by dn="cn=Directory Administrators,o=SJNS,c=CN" write
        by dn="cn=Directory Administrators,ou=Group,o=SJNS,c=CN" write
        by * read
#################################################################
The problem is, when the users use their own DN
("uid=usr1,ou=people,o=SJNS,c=CN") to bind to the LDAP server, they still
cannot modify any entry except their own DN.
Could someone tell me the solution? Thanks.
Later,
Yours, Jerry Han
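
A simplified model of how the ACL quoted in this message is evaluated, added here as an example and not part of the original post or of OpenLDAP's code. It assumes a `dn=` clause is a regular expression matched against the bind DN, that the first matching `by` clause wins, and that attributes outside the `attr=` list fall under `defaultaccess`; the names `normalize` and `access` are hypothetical.

```python
import re

# The ACL from the post, in order. Assumption: first matching clause wins.
ACL_ATTRS = {"userpassword", "sn", "maildrop"}
ACL_BY = [
    ("self", "write"),
    ("dn=cn=Directory Administrators,o=SJNS,c=CN", "write"),
    ("dn=cn=Directory Administrators,ou=Group,o=SJNS,c=CN", "write"),
    ("*", "read"),
]
DEFAULT_ACCESS = "read"  # "defaultaccess read" in the posted slapd.conf


def normalize(dn):
    """Simplified DN normalization: trim spaces after commas and fold case."""
    return ",".join(part.strip() for part in dn.split(",")).lower()


def access(bind_dn, target_dn, attr):
    """Access level this model grants bind_dn on attr of the entry target_dn."""
    if attr.lower() not in ACL_ATTRS:
        return DEFAULT_ACCESS          # the ACL only covers three attributes
    who_dn = normalize(bind_dn)
    for who, level in ACL_BY:
        if who == "*":
            return level
        if who == "self" and who_dn == normalize(target_dn):
            return level
        # dn= is compared with the bind DN itself; the memberuid values
        # stored in the group entry are never consulted by this clause.
        # (normalize() on the pattern is safe here: no regex metacharacters.)
        if who.startswith("dn=") and re.search(normalize(who[3:]), who_dn):
            return level
    return DEFAULT_ACCESS


# Constructed DNs taken from the names used in the post.
USR1 = "uid=usr1,ou=people,o=SJNS,c=CN"
USR2 = "uid=usr2,ou=people,o=SJNS,c=CN"
GROUP = "cn=Directory Administrators, ou=Group, o=SJNS, c=CN"

if __name__ == "__main__":
    for bind, target, attr in [(USR1, USR1, "userpassword"),
                               (USR1, USR2, "userpassword"),
                               (GROUP, USR2, "sn"),
                               (USR1, USR2, "cn")]:
        print(f"{bind} -> {target} [{attr}]: {access(bind, target, attr)}")
```

In this model usr1 gets write only on its own entry, which is the behaviour the message reports: a bind as uid=usr1 never matches either `dn=` clause, because those clauses name the group entry and not its members.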