At 01:35 PM 5/2/2004, stephen smithstone wrote: >#access to * ># by self write ># by users read ># by anonymous auth >ldapsearch -x -b "dc=smithstone" "(objectClass=*)" it returns nothing Seems exactly what you told it to do. Anonymous has no read permission. (Note that the ldap.conf file you provided appears to be for nss/pam ldap, not ldapsearch(1).) Kurt