acl trouble
HI,
I'M HAVING TROUBLE UNDERSTANDING ACLS. SPECIFICALLY, WHEN I ATTEMPT:
ldapsearch -x -witchy+scratchy \
-D"uid=itchy3,ou=People,dc=ltrr,dc=arizona,dc=edu" "(uid=itchy3)" userPassword
WITH THE FOLLOWING SLAPD.CONF:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/draft-lachman-laser-ldap-mail-routing-02.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
TLSCertificateFile /usr/share/ssl/certs/slapd.pem
TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
password-hash {md5}
database ldbm
suffix "dc=ltrr,dc=arizona,dc=edu"
rootdn "cn=master,dc=ltrr,dc=arizona,dc=edu"
rootpw password
directory /var/lib/ldap
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
access to dn=".*,dc=ltrr,dc=arizona,dc=edu"
        by dn="uid=itchy3,ou=People,dc=ltrr,dc=arizona,dc=edu" write
        by self write
        by users write
I GET:
ldap_bind: Insufficient access
HOWEVER, I GET CORRECT SEARCH RESULTS WHEN I INCLUDE:
by anonymous write
SO I CONCLUDE THE SERVER DOES NOT RECOGNIZE THE DN USED FOR BINDING AS
dn="uid=itchy3,ou=People,dc=ltrr,dc=arizona,dc=edu", OR self OR users, AS TO
MY MIND IT SHOULD. WHAT AM I MISSING HERE? ANY HELP WOULD BE GREATLY
APPRECIATED.
REDHAT 7.1
OpenLDAP 2.0.11? (according to the man page for slapd; is there another way to check
for the version #?)
Merrick B. Richmond
Research Specialist (GIS/Geography)
The Laboratory of Tree-Ring Research
University of Arizona
email: merrick@ltrr.arizona.edu
street address:
105 W Stadium
Tucson, AZ 85721
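
Added example, not part of the original message and not OpenLDAP code: a simplified Python model of how slapd selects a "by" clause, showing why the posted ACL rejects the bind while "by anonymous write" lets it through. It assumes the target entry matches the single "access to" clause, treats dn= as an exact match rather than a regex, and the "by anonymous auth" variant is an assumption added here for comparison.

```python
# Simplified model of slapd "by" clause selection (constructed example, not OpenLDAP code).
LEVELS = ["none", "auth", "compare", "search", "read", "write"]
ITCHY = "uid=itchy3,ou=People,dc=ltrr,dc=arizona,dc=edu"

def who_matches(who, requester, target):
    """requester is the authenticated DN, or None for an anonymous connection."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if who == "users":
        return requester is not None
    if who == "self":
        return requester is not None and requester.lower() == target.lower()
    if who.startswith("dn="):  # exact match only; real slapd 2.0 treats this as a regex
        return requester is not None and requester.lower() == who[3:].strip('"').lower()
    return False

def granted(by_clauses, requester, target):
    """First matching "by" clause wins; no match falls through to the implicit "by * none"."""
    for who, level in by_clauses:
        if who_matches(who, requester, target):
            return level
    return "none"

def allowed(by_clauses, requester, target, needed):
    have = granted(by_clauses, requester, target)
    return LEVELS.index(have) >= LEVELS.index(needed)

def simple_bind(by_clauses, bind_dn):
    """A connection has no identity until the bind succeeds, so the password
    check runs as anonymous and needs "auth" on the entry's userPassword."""
    return allowed(by_clauses, None, bind_dn, "auth")

# The "by" clauses from the message, then two variants (the last is an assumption).
POSTED = [(f'dn="{ITCHY}"', "write"), ("self", "write"), ("users", "write")]
WORKAROUND = POSTED + [("anonymous", "write")]
LEAST_PRIVILEGE = POSTED + [("anonymous", "auth")]

if __name__ == "__main__":
    for name, acl in [("posted", POSTED), ("anonymous write", WORKAROUND),
                      ("anonymous auth", LEAST_PRIVILEGE)]:
        print(name, "| bind ok:", simple_bind(acl, ITCHY),
              "| anonymous can write:", allowed(acl, None, ITCHY, "write"))
```

In this model the "anonymous write" variant makes the bind succeed only because write implies auth, and it also lets unauthenticated clients modify every entry under the suffix; "anonymous auth" grants just what the bind needs.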