[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Problems with access directive
As the subject line eludes to I am having difficulty with the access
directive. Bottom line is this, if I place any access directive into
my slapd.conf file I can no longer browse the directory. For example
the following directive causes me to no longer see the attributes of
the base DN or anything else for that matter.
access to dn.subtree="dc=ca,dc=myrealdomain,dc=com" attrs=userPassword
by self write
by anonymous auth
by * none
Here is the output from the logfile starting from right after I made
the change, restarted the service and attached to the LDAP service
slapd[20313]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
slapd[20313]: bdb_db_init: Initializing BDB database
slapd[20314]: slapd starting
slapd[20314]: => access_allowed: search access to "" "objectClass" requested
slapd[20314]: => acl_get: [1] check attr objectClass
slapd[20314]: <= acl_get: [1] acl attr: objectClass
slapd[20314]: => acl_mask: access to entry "", attr "objectClass" requested
slapd[20314]: => acl_mask: to all values by "", (=n)
slapd[20314]: <= check a_dn_pat: self
slapd[20314]: <= check a_dn_pat: users
slapd[20314]: <= check a_dn_pat: anonymous
slapd[20314]: <= acl_mask: [3] applying auth(=x) (stop)
slapd[20314]: <= acl_mask: [3] mask: auth(=x)
slapd[20314]: => access_allowed: search access denied by auth(=x)
OS is RedHat ver. 9
OpenLDAP is ver. 2.1.22
This is a very vanilla install, there is no TLS, SASL or other
obvious factors that are complicating this matter. Thanks in advance
for any help.
--
Regards,
Timothy R. Robnett
mailto:tim@robnett.net
http://www.robnett.net/~tim/
"Tricks and treachery are the practice of fools, that don't have
brains enough to be honest."
--Benjamin Franklin