[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldap] Permsion on Parent
Actually I tried it all ways. (*.*) (.*) (*.) (*)
Pierangelo Masarati wrote:
>
> > Is there any docs that shows all this?
> >
> > Robert Canary wrote:
> >>
> >> I am trying create a record under ou=People,dc=example,dc=com
> >>
> >> I am using the dn"uid=newuser2add,ou=People,dc=example,dc=com
> >>
> >> If I run the ldif file with cn=root it gose fine, but I don'r want
> >> that. I am trying to setup a user specificly for adding new people.
> >> So I set a user called "peopleroot" and added this superuser in the
> >> acls as follows:
> >>
> >> access to dn="uid=*,ou=People,dc=example,dc=com"
> >> by dn="cn=peopleroot,dc=example,dc=com" write
>
> If you're using OpenLDAP software, this regex is incorrect;
> it should be
>
> access to dn="uid=.*,ou=People,dc=example,dc=com"
> by dn="cn=peopleroot,dc=example,dc=com" write
>
> note the dot '.' before the star '*'.
>
> >>
> >> But it still gives me:
> >> ldap_add: Insuffiecent access
> >> additional Info: nowrite access to parent
> >> ldif_record()=50
> >>
> >> Can someone tell me what the proper dn for peopleroot should be to
> >> allow write permissions
> >>
> >> thanks in advance
> >> --
> >> robert
> >>
> >> ---
> >> You are currently subscribed to ldap@umich.edu as:
> >> [phantom@ohiocounty.net] To unsubscribe send email to
> >> ldap-request@umich.edu with the word UNSUBSCRIBE as the SUBJECT of the
> >> message.
>
> --
> Pierangelo Masarati
> mailto:pierangelo.masarati@sys-net.it