[Date Prev][Date Next] [Chronological] [Thread] [Top]

Some children only viewable by root user?



I've got a very odd problem here.  I've got a list of entries under
"ou=Departments,dc=dal,dc=ca", each one being a department at our 'o'.
Problem is, not all of the them show up when doing a query like the following:

    ldapsearch -x -b 'ou=departments,dc=dal,dc=ca' -s sub '(ou=*)'

However, they DO show up if I bind as the root user.  They also show up if
I do a slightly more specific search, like '(ou=N*)', or specifically set
-b to their DN.

Thinking this might be an ACL issue, I tried using this ACL, and ONLY this
ACL:

	access to * by * write

Still no luck.

I've run slapd -d128, and the main difference seems to be that as anonymous,
I get a lot of:

	access_allowed: no res from state (objectClass)

... when as rootDN I don't.

Anyone know where to go from here?  This is OpenLDAP 2.1.21.