[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
unknown LDAP result code (-30990): using groups to manage ACL's
Hello OpenLDAP users,
I'm trying to follow the instructions from the Faq-o-Matic ("How do I
use groups as manage access controls?").
This is OpenLDAP 2.1.25 with BDB 4.2.52 (RedHat 9). It is a fresh
database. I just imported all the records. I created a "groupofNames"
object:
dn: cn=Adminstrators,dc=company,dc=com
cn: Adminstrators
objectClass: groupOfNames
objectClass: top
member: uid=chris,ou=people,ou=corporate,dc=company,dc=com
I try the following command:
ldapmodify -v -ZZ -x -w password -D \
uid=chris,ou=people,ou=corporate,dc=company,dc=com -f entry
I get this result:
ldap_initialize( <DEFAULT> )
replace userPassword:
changeme
modifying entry "uid=test,ou=People,ou=Corporate,dc=company,dc=com"
ldapmodify: update failed:
uid=test,ou=People,ou=Corporate,dc=company,dc=com
ldap_modify: unknown LDAP result code (-30990)
Contents of "entry":
dn: uid=test,ou=People,ou=Corporate,dc=company,dc=com
changetype: modify
replace: userPassword
userPassword: changeme
access to attr=shadowLastChange
by dn.base="cn=Manager,dc=company,dc=com" write
by group.exact="cn=Administrators,dc=company,dc=com" write
by self write
by * compare
access to attr=userPassword
by self write
by anonymous auth
by dn.base="cn=Manager,dc=company,dc=com" write
by group="cn=Administrators,dc=company,dc=com" write
by * compare
access to dn.children="ou=Customers,dc=company,dc=com"
by self write
by group="cn=Administrators,dc=company,dc=com" write
by users read
by * read
access to *
by self write
by dn.base="cn=Manager,dc=company,dc=com" write
by users read
by * read
thanks,
CP