[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Problem
Hello All,
I am faced with the following problem. I want to create an Admin
entry in the OpenLDAP 2.07 database. that is this entry should
have all the access. This is the kind of tree
root
/ |
Admin OU
/ | \
BU1 BU2 BU3
Now the access control section is as follows.
access to *
by dn="cn=Admin,dc=example,dc=com" write
Also ldapadd of the Admin entry was made with the help of
rootdn (admin entry's DN is "cn=Admin,dc=example,dc=com" )
I must tell that admin entry is based on adminObject which I
added in local.schema which is as follows
# this is for admin entry
objectclass ( 2.5.6.21 NAME 'adminObject' SUP top STRUCTURAL
MUST ( cn $ userPassword )
MAY ( sn $ description ) )
But when I am trying to add entries as follows
ldapadd -D "cn=Admin,dc=example,dc=com" -f test.ldif
test.ldif contains
dn:ou=BU1,dc=example,dc=com
objectclass:top
objectclass:organizationalUnit
ou:BU1
description:unit of business
I am getting the error
ldap_add: Insufficient access
additional info: no write access to parent
Also if I specify -w "password" with ldapadd then the ldap_bind
is giving the Insufficient access error
This is the exact reproduction of the symptom. Could anyone
point out the mistake ??
Thanks
SRIHARI