[Date Prev][Date Next] [Chronological] [Thread] [Top]

does back-sql bypass ACL ?



Hi all,

I have successfully installed a postgresql (7.2.1) backend to an
openldap (2.0.23) using iodbc (3.0.6) helped with the excellent howto
that you can find here:

http://www.samse.fr/GPL/ldap_pg/
(by the way, does these patches would be integrated ?)

Here is my problem:

in slapd.conf 

# this works. (can't use LDAP to update the database)
# readonly on 

# this works (anonymous don't get telephoneNumber)
access to attribute=telephoneNumber
        by  cn=root,=sql,c=RU     
        by * none


# this DOES NOT WORK 
# (even anonymous can add/delete entries, modify attributes... )
access to *
        by dn="cn=root,=sql,c=RU" write
        by * read


with ldbm, all works fine.

I have read this:

openldap-2.0.23/servers/slapd/back-sql/docs/*
http://www.openldap.org/faq/data/cache/378.html

I have search here:

http://www.openldap.org/lists/openldap-software/
http://www.google.org/

But find no clue.

Does people using Oracle, MS SQL Server experiencing same problems ?
I can provide more information if needed.

Bye.