[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
group access "write" in OpenLDAP 2.1.4
Hello,
I have a question about the group access.
I am using OpenLDAP 2.1.4 + BerkeleyDB 4.0.14.
OS: Solaris 8, Turbolinux 7.0
I have created the following group.
(made reference to FAQ:
How do I use groups as manage access contorls?)
+-dc=example,dc=com
+--cn=administrators,dc=example,dc=com
+--cn=fred blogs,dc=example,dc=com
LDIF:
dn:cn=administrators,dc=example,dc=com
cn: administrators of this region
objectclass: groupOfNames
objectclass: top
member: cn=fred blogs,dc=example,dc=com
member: cn=somebody else,dc=example,dc=com
slapd.conf : the GROUP access acl
access to *
by group="cn=administrators,dc=example,dc=com" write
by * auth
When I tried to modify dn "cn=fred blogs,dc=example,dc=com",
it works fine.
But when I tried to search filter "(objectclass=*)", I got
no entries.
# extended LDIF
#
# LDAPv3
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
When I used OpenLDAP 2.1.3 with same acl as the above-mentioned,
I could get all entries.
Also, I changed group.c v1.9.2.4 to v1.9.2.3 in OpenLDAP 2.1.4
and rebuilt, I could get all entries.
When version 2.1.4 is used, should I do anything else?
I apologize for the unskilled English language and long writing.
Thanks.
------
Michiko NAGARA