[Date Prev][Date Next] [Chronological] [Thread] [Top]

Database Access

To: OpenLDAP-software@OpenLDAP.org
Subject: Database Access
From: Matt <openldap@chilitech.com>
Date: 06 Mar 2003 10:14:27 -0500

When my backend customer/ billing software reads/changes things in the
openldap I see this in the logs:
=> access_allowed: search access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net" "uid"
requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net" "entry"
requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net" "uid"
requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net" "uid"
requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net"
"mailMessageStore" requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net"
"mailMessageStore" requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net"
"userPassword" requested
<= root access granted
=> access_allowed: read access to
"x500uniqueIdentifier=28246,ou=accounts,dc=chilitech, dc=net"
"userPassword" requested
<= root access granted

When I try to change things with an LDAP browser I see:
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "cn=Subschema" "objectClasses"
requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "cn=Subschema" "objectClasses"
requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "cn=Subschema" "objectClasses"
requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "cn=Subschema" "objectClasses"
requested
=> access_allowed: backend default read access granted to ""
=> access_allowed: read access to "cn=Subschema" "objectClasses"
requested
=> access_allowed: backend default read access granted to ""


and if I try to change:
daemon: select: listen=6 active_threads=1 tvp=NULL
=> access_allowed: backend default write access denied to ""
ber_flush: 14 bytes to sd 9


What's the difference?  I've tried logging in as manager... should I not
be and be logging in as someone else?

Follow-Ups:
- Re: Database Access
  - From: Adam Williams <awilliam@whitemice.org>

Prev by Date: Q: OpenLDAP In A 'Heartbeat' Cluster
Next by Date: Re: updated app schemas?
Index(es):
- Chronological
- Thread