[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Can query as anonymous or manager, but can't bind
tor, 26.02.2004 kl. 22.38 skrev Chris St. Pierre:
Chris,
Basically what you're trying is right. But a couple of things:
access to attr=userPassword
> by self write
> by dn="uid=root,ou=People,dc=students,dc=NebrWesleyan,dc=edu"
> write
> by * auth
Change this to "by anonymous auth"
access to attr=loginShell
> by self read
> by dn="uid=root,ou=People,dc=students,dc=NebrWesleyan,dc=edu"
> write
> by * read
Get rid of the above for the time being, until all other things work.
It's only complicating things, and it's useless for what you're
initially trying to do, anyway.
access to *
> by self write
> by dn="uid=root,ou=People,dc=students,dc=NebrWesleyan,dc=edu"
> write
> by * read
> by anonymous auth
Same as above. Change to:
access to *
by * read
for the time being. The "auth" line is useless, anyway - that's only
necessary for userPassword.
Change *one thing at a time* and see if that works, before going on.
Yes, it means a lot of extra work, but work methodically.
Lastly:
> I posted to this list before, and RTFMed, and STFWed, and the only
> suggestion I found was to change the ownership of my configuration and
> data files to a generic user/group, ldap:ldap, and run slapd as that
> user. I tried that, but slapd segfaults immediately.
Obviously the user/group have to exist, but this is the way to go. slapd
should not be running as root. If you are getting seg faulting under
*any* circumstances, your compile is faulty, or it could be permission
problems on DSO libraries linked in. Seg faults (signal 11, at least)
are due to memory allocation problems.
Best,
--Tonni
--
mail: billy - at - billy.demon.nl
http://www.billy.demon.nl