[Date Prev][Date Next] [Chronological] [Thread] [Top]

Having trouble with ACCESS configuration for anonymous read of some attributes



Question 1: slapd.conf configuration

File: slapd.conf

defaultaccess   none
access to attr=dn,cn,sn,o,mail,description
       by * read
access to attr=userPassword
       by dn="cn=DeanWormer,o=delta" write
       by self write
       by * auth
access to *
       by dn="cn=DeanWormer,o=delta"  write
       by dn="cn=fratbrother,o=delta" read
       by users read
       by self write
       by * auth

I want anonymous access to be able to read email addresses from OpenLDAP
but nothing else. This does not allow one to bind anonymously for basic
attributes. I also tried "aatrs" as well as putting the rule at the end
of the three access rules. Binding with a login of DeanWormer or
fratbrother with the appropriate password does work. Anonymous does not.

Question 2:

The above is to get around a bug in Netscape 4.77 on Linux. Using the
Ethereal packet sniffer I discovered that Netscape attempted to bind
using NULL for both the "User ID" and "PAssword" even when the setting
is to use a login/password and Netscape prompts for the information. For
graphical images and a better explanation see:
http://yolinux.com/TUTORIALS/LinuxTutorialLDAP-BindPW.html#NETSCAPE

Does anybody know if this has worked for them or if there is an older
version of Netscape that does not possess this problem.

Any help would be greatly appreciated
Greg
begin:vcard 
n:Ippolito;Greg
tel;cell:(817)821-9464 (truck)
tel;fax:(303)474-7596
tel;home:(310)318-8069
tel;work:(817)246-3220 (TX voice mail)
x-mozilla-html:FALSE
url:http://www.GregIppolito.com/
org:Consultant/Contract
adr:;;2105 Rockefeller Lane #6	;Redondo;CA;90278;USA
version:2.1
email;internet:greg@GregIppolito.com
title:Applications/Systems Programmer
x-mozilla-cpt:;21952
fn:Greg Ippolito
end:vcard