[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
newbie question
Suggested solutions did not work. I will give all details:
>From slapd.conf:
access to dn="o=my_org"
by * write
by * read
suffix "o=my_org"
rootdn "cn=admin,o=Keerthana Technologies"
rootpw admin_password
I added entries to LDAP using:
ldapadd -f entries.ldif -x -D "cn=admin,o=my_org" -w admin_password
I do a search on
ldapsearch -x -b 'o=my_org' '(objectclass=*)'
All entries are listed.
I want to restrict access to users only and changed access to:
access to dn="o=my_org"
by users write
by anonymous auth
by * none
Now I do a search and nothing is listed. What should be the search parm with this change ?
Appreciate any help.
On Tuesday, November 25, 2003, at 04:36AM, Mavric Domen ITWEN5 <d.mavric@iskratel.si> wrote:
>Hi!
>You should bind as an existing user from your ldap tree (eg. cn=user1,ou=users,dc=mydomain,dc=com), with basename (-b option in ldapsearch) "dc=mydomain,dc=com" or use default suffix from your slapd.conf.
>BR,
>Domen
>
>-----Original Message-----
>From: Chakravarthy Cuddapah [mailto:chakravarthy@mac.com]
>Sent: Tuesday, November 25, 2003 12:22 PM
>To: openldap-software@OpenLDAP.org
>Subject: newbie question
>
>
>None showed up when I used this.
>
>On Monday, November 24, 2003, at 10:26PM, Mavric Domen ITWEN5 <d.mavric@iskratel.si> wrote:
>
>>Hi!
>>
>>Maybe this will help:
>>
>>access to dn="dc=mydomain,dc=com"
>> by users write
>> by anonymous auth
>> by * none
>>
>>Users will have all permissions under "dc=mydomain,dc=com" suffix, anonymous users must authenticate themselves, access is denied to all the others.
>>BR,
>>Domen
>>
>>-----Original Message-----
>>From: Chakravarthy Cuddapah [mailto:chakravarthy@mac.com]
>>Sent: Tuesday, November 25, 2003 3:21 AM
>>To: openldap-software@OpenLDAP.org
>>Subject: newbie question
>>
>>
>>I am having this in slapd.conf
>>access to dn="dc=mydomain,dc=com"
>> by * read
>> by * write
>>
>>I want to restrict read and write access to the users only. Can anyone pls tell me how to change this.
>>
>>Thanks !
>>
>>
>>
>>
>
>