[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with dnattr..

To: openldap-software@OpenLDAP.org
Subject: Problem with dnattr..
From: Adam Jacob <adam@sysadminsith.org>
Date: Wed, 23 May 2001 21:30:56 -0700
Content-disposition: inline
User-agent: Mutt/1.2.4i

I'm having an ACL that's not working out like I think it should:

access to dn="cn=.*,ou=lists,ou=people,dc=sysadminsith,dc=org"
        by group="cn=administrators,ou=security,dc=sysadminsith,dc=org" write
        by dnattr=owner write
        by anonymous read
        by * read

Where the record has:

# test,Lists,people,dc=sysadminsith,dc=org
dn: cn=test,ou=Lists,ou=people,dc=sysadminsith,dc=org
cn: test
objectClass: top
objectClass: go2List
listposting: Open
listmember: demo.man@sysadminsith.org
description: Test list
owner: uid=bobo,ou=people,dc=sysadminsith,dc=org
group: None
listarchive: Yes

And I'm bound to the directory as bobo.

I get "ldap_modify: Insufficient access" when trying to modify the record..
I've been beating my head against it for the better part of an hour now, and
I'm not sure what's wrong. 

Help? :) 

Adam

-- 
adam@sysadminsith.org - (http://sysadminsith.org)
Evil Lord of the Sysadmin Sith Darth Rmdashrf

Prev by Date: configure error on Solaris2.6
Next by Date: problem using wildcard search
Index(es):
- Chronological
- Thread