[Date Prev][Date Next] [Chronological] [Thread] [Top]

Adding users and access control.

To: <openldap-software@OpenLDAP.org>
Subject: Adding users and access control.
From: "Ajit Nair" <ajit_nair@adc.com>
Date: Mon, 19 Nov 2001 15:04:42 -0500
References: <20011115165756.A6720@horde.net> <m23d3a1z83.fsf@j-sanchez-p.stl.es>

Hello,

I've been trying to configure OpenLdap v2.0.7  with a new user (other than
the root). However, it looks like I'm missing someting. I've added the
following object to the database:

dn: cn=Update Manager, o=blah.com
objectClass: top
objectClass: person
objectClass: organisationalPerson
objectClass: inetOrgPerson
cn: Update Manager
sn: Manager
userPassword:: dXBkYXRlX21hbmFnZXI=

where o=blah.com is the base dn.

I've also modified the access control in slapd.conf file to contain
access to *
        by dn="cn=Update Manager, o=blah.com" write
        by self write
        by anonymous none
        by dn="cn=Directory Manager,.*" write

so that "cn=Update Manager, o=blah.com" can have complete write access
(which also mean read access). But my attempts to verify this with
ldapsearch and ldapadd utilities return "ldap_bind: Insufficient access" as
a result. The same operations using the rootdn work fine.

Any idea what I'm doing wrong?

Thanks.

Ajit.

Follow-Ups:
- Re: Adding users and access control.
  - From: Pierangelo Masarati <masarati@aero.polimi.it>
- Re: Adding users and access control.
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

References:
- indexing createTimestamp
  - From: John Morrissey <jwm@horde.net>
- Re: indexing createTimestamp
  - From: Julio Sanchez Fernandez <j_sanchez@stl.es>

Prev by Date: IANA and registering OIDs
Next by Date: Re: IANA and registering OIDs
Index(es):
- Chronological
- Thread