Re: Access control lists

[Tomas Maly <malyprogservices@flashmail.com>]

It would help if you gave a copy of the acls that failed. Commenting out the
lines doesn't not help. It might be easier if you "include" a separate file
that just has acl's in it, and just send that one.

Jean-Eric Cuendet wrote:

> > Turn on debugging and see what happens. Provide your complete
> > ACLs. Which
> > authorization do you use for accessing the LDAP server? Is
> > this authorization
> > covered by your ACLs?
>
> I need to issue the command
>   ldapmodify -x -D "uid=testjec,ou=People,dc=linkvest,dc=com" -f modify.ldif
> -r -w <passwd>
> Sometime it works (with VERY permissive ACLs) and other times it fails (with
> choosen ACLs)
> Details are below.
>
> When setting
>   access to * by * write
> it produces the following log output:
>      Available in attached ldap.log.writestar
>
> And it works!
>
> When setting:
>   access to * by dn="uid=testjec,ou=People,dc=linkvest,dc=com" write
> I have
>      Available in attached ldap.log.testjec
>
> And it fails!
>
> Thanks to help me if you can!
> -jec
>
>  <<slapd.conf>>   <<ldap.log.writestar>>  <<ldap.log.testjec>>
>
>   ------------------------------------------------------------------------
>                  Name: slapd.conf
>    slapd.conf    Type: unspecified type (application/octet-stream)
>              Encoding: quoted-printable
>
>                          Name: ldap.log.writestar
>    ldap.log.writestar    Type: unspecified type (application/octet-stream)
>                      Encoding: quoted-printable
>
>                        Name: ldap.log.testjec
>    ldap.log.testjec    Type: unspecified type (application/octet-stream)
>                    Encoding: quoted-printable