[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Having trouble with ACCESS configuration for anonymous read of some attributes
Question 1: slapd.conf configuration
File: slapd.conf
defaultaccess none
access to attr=dn,cn,sn,o,mail,description
by * read
access to attr=userPassword
by dn="cn=DeanWormer,o=delta" write
by self write
by * auth
access to *
by dn="cn=DeanWormer,o=delta" write
by dn="cn=fratbrother,o=delta" read
by users read
by self write
by * auth
I want anonymous access to be able to read email addresses from OpenLDAP
but nothing else. This does not allow one to bind anonymously for basic
attributes. I also tried "aatrs" as well as putting the rule at the end
of the three access rules. Binding with a login of DeanWormer or
fratbrother with the appropriate password does work. Anonymous does not.
Question 2:
The above is to get around a bug in Netscape 4.77 on Linux. Using the
Ethereal packet sniffer I discovered that Netscape attempted to bind
using NULL for both the "User ID" and "PAssword" even when the setting
is to use a login/password and Netscape prompts for the information. For
graphical images and a better explanation see:
http://yolinux.com/TUTORIALS/LinuxTutorialLDAP-BindPW.html#NETSCAPE
Does anybody know if this has worked for them or if there is an older
version of Netscape that does not possess this problem.
Any help would be greatly appreciated
Greg
begin:vcard
n:Ippolito;Greg
tel;cell:(817)821-9464 (truck)
tel;fax:(303)474-7596
tel;home:(310)318-8069
tel;work:(817)246-3220 (TX voice mail)
x-mozilla-html:FALSE
url:http://www.GregIppolito.com/
org:Consultant/Contract
adr:;;2105 Rockefeller Lane #6 ;Redondo;CA;90278;USA
version:2.1
email;internet:greg@GregIppolito.com
title:Applications/Systems Programmer
x-mozilla-cpt:;21952
fn:Greg Ippolito
end:vcard