[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP DN's permissions

To: Andrew C Altepeter <aaltepet@cs.und.edu>
Subject: Re: OpenLDAP DN's permissions
From: Igmar Palsenberg <maillist@jdimedia.nl>
Date: Thu, 16 Aug 2001 17:23:13 +0200 (CEST)
Cc: OpenLDAP <openldap-software@OpenLDAP.org>
In-reply-to: <Pine.GSO.4.33.0108151104070.5130-100000@sirius.aero.und.edu>

Hi.

> I know exactly what you mean.  Here's what you want to do:
> Add the ldapdm user object from the ldif file, only you need to bind as
> the rootdn (giving the rootpw, of course).

I've done that.

> You can add the user, as bind
> as that user before it even exists in the db.  The only way you can do
> this is by binding as root.  Once you have the user added, you can do the
> acl stuff to your hearts content.

I get this :

[root@wrkst /root]# ldapadd -x -W -D "cn=ldapadm,dc=jdimedia,dc=local" -f
test.ldif
Enter LDAP Password:
adding new entry "cn=blaat,dc=jdimedia,dc=local"
ldap_add: Insufficient access
        additional info: no write access to parent

ldif_record() = 50

ACL's :

access to attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=ldapadm,dc=jdimedia,dc=local" write
        by * none

        access to *
        by self write
        by dn="cn=ldapadm,dc=jdimedia,dc=local" write
        by * read

> Hope that helps,

If I get rid of this problem I'm totally happy :)

> Andy

	Thanx,

		Igmar

Follow-Ups:
- Re: OpenLDAP DN's permissions
  - From: "Andrew C. Altepeter" <aaltepet@cs.und.edu>

References:
- Re: OpenLDAP DN's permissions
  - From: Andrew C Altepeter <aaltepet@cs.und.edu>

Prev by Date: Re: cant connect to server
Next by Date: Re: OpenLDAP DN's permissions
Index(es):
- Chronological
- Thread