[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL problem

To: Michael Parienti <mparienti@easter-eggs.com>
Subject: Re: ACL problem
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Tue, 30 Oct 2001 17:09:22 +0100
Cc: openldap-software@OpenLDAP.org
Organization: Dipartimento di Ingegneria Aerospaziale
References: <20011030164927.7b5e85d6.mparienti@easter-eggs.com>

Michael Parienti wrote:
> 
> Hi
> 
> I have a strange problem concerning the access control. I had
> a ldap directory, with no ACL. I want to add some. So I change
> my slapd.conf.
> 
> When I add the following access control rule (after changing
> the "defaultaccess" from "write" to "none"):
> 
> access to *
>  by users read
>  by * none
> 
> I can't bind any more to the server, with any DN.
> 
> Did I miss something?

anonymous needs auth access to bind. The minimal acl would rather 
be something like

access to *
	by users read
	by anonymous auth


where " ! ( users | anonymous ) = empty " (I hope ...)

Pierangelo.

-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 | mailto:masarati@aero.polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati

References:
- ACL problem
  - From: Michael Parienti <mparienti@easter-eggs.com>

Prev by Date: ACL problem
Next by Date: Re: Does openLDAP support two-way replication?
Index(es):
- Chronological
- Thread