
referrals and access control



Hello world!
I'm using openldap-2.0.23 and I'm in trouble.
I need to make referrals between two directory servers and I have a problem with access control: the administrator of the sup-server can't connect to the sub-server. I don't know why, but I haven't really understood the access control system... could you explain it to me? (how it works, the difference between ACI and access control, why I'm wrong...)

slapd.conf Server 1:
...
database ldbm
suffix "ou=departement,o=entreprise,c=fr"
directory /usr/local/var/openldap-ldbm
rootdn "cn=departementadmin,ou=departement,o=entreprise,c=fr"
rootpasswd departementpass
access to * by * read
...

Server 1 has an entry like this one:

dn:ou=service,ou=departement,o=entreprise,c=fr
objectclass:organizationalUnit
objectclass:referrals
ou:departement
ref:ldap://server2:389

slapd.conf Server 2:
database ldbm
suffix "ou=departement,ou=service,o=entreprise,c=fr"
directory /usr/local/var/openldap-ldbm
rootdn "cn=serviceadmin,ou=service,ou=departement,o=entreprise,c=fr"
rootpasswd sevicepass
access to userpassword
 by by dn="cn=departementadmin,ou=departement,o=entreprise,c=fr" write
 by self write
 by * compare
access to *
 by by dn="cn=departementadmin,ou=departement,o=entreprise,c=fr" write
 by departmentadmin write
 by anonymous auth
 by users read

Thank you for your help



