[Date Prev][Date Next] [Chronological] [Thread] [Top]

does back-sql bypass ACL ?

To: openldap-software@OpenLDAP.org
Subject: does back-sql bypass ACL ?
From: Frederic Saincy <freddy@lovelinux.org>
Date: 11 May 2002 04:34:48 +0200
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Hi all,

I have successfully installed a postgresql (7.2.1) backend to an
openldap (2.0.23) using iodbc (3.0.6) helped with the excellent howto
that you can find here:

http://www.samse.fr/GPL/ldap_pg/
(by the way, does these patches would be integrated ?)

Here is my problem:

in slapd.conf 

# this works. (can't use LDAP to update the database)
# readonly on 

# this works (anonymous don't get telephoneNumber)
access to attribute=telephoneNumber
        by  cn=root,=sql,c=RU     
        by * none


# this DOES NOT WORK 
# (even anonymous can add/delete entries, modify attributes... )
access to *
        by dn="cn=root,=sql,c=RU" write
        by * read


with ldbm, all works fine.

I have read this:

openldap-2.0.23/servers/slapd/back-sql/docs/*
http://www.openldap.org/faq/data/cache/378.html

I have search here:

http://www.openldap.org/lists/openldap-software/
http://www.google.org/

But find no clue.

Does people using Oracle, MS SQL Server experiencing same problems ?
I can provide more information if needed.

Bye.

Follow-Ups:
- Re: does back-sql bypass ACL ?
  - From: "Pierangelo Masarati" <masarati@aero.polimi.it>
- Re: does back-sql bypass ACL ?
  - From: Thomas Cramer <cramert@musc.edu>

Prev by Date: Re: newbie question - LDAP and Active Directory
Next by Date: Re: does back-sql bypass ACL ?
Index(es):
- Chronological
- Thread