[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP access question
Today at 2:31pm, Tony Earnshaw wrote:
> fre, 2002-08-23 kl. 13:39 skrev Frank Swasey:
>
> > I use the following and anonymous searches do not return objectclass...
> > I don't understand why people are having a problem with this.
>
> > access to attrs=objectClass
> > by dn="cn=IAmYourGodAndIWillDoWhatIWant,dc=example,dc=com" write
> > by self read
> > by * search
>
> > With "by * none" a lot of default filters "(objectclass=*)" fail....
>
> There just has to be one out of three possible explanations for your
> findings:
>
> 1: - The most likely - you are frightening the thing to death with your
> DN and it doesn't dare to do otherwise;
That's probably it... or it's to early for me to obfuscate with
delicateness :)
> 2: You are using a very old version of Openldap;
Is 2.0.23 that old?
> 3: Your app just doesn't show you objectCasses. Like Mozilla 1.0 for
> example.
% ldapsearch -x -LLL netid=fcs objectclass
dn: uid=fcs,ou=People,dc=uvm,dc=edu
Hmm, it works for me....
> Surely you realise that someone like Adam Morrison wouldn't just say
> what he does for fun? Nor yet I and others experience what we do?
I realise it. I just don't understand why it works for me and not
anyone else....
If I offended anyone, I will apologize and blame the causticness of my
response on the early hour, the poor night's sleep, and a complete lack
of caffeine at the time I wrote it.
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God Bless Us All ===