[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 3 newbie questions : include new schema, ACL,

To: Frederic Medery <fmedery@gmail.com>
Subject: Re: 3 newbie questions : include new schema, ACL,
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 31 Aug 2004 14:15:15 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <7d19fa770408310521343132e9@mail.gmail.com>
References: <7d19fa77040830185563310465@mail.gmail.com> <7d19fa770408310521343132e9@mail.gmail.com>

At 05:21 AM 8/31/2004, Frederic Medery wrote:
>Hello,
>
>My server : Redhat AS 3 (openldap 2.0.x)

2.0 is historic, you should consider upgrading.

>When I add another schema to slapd.conf (mic.schema) for example., do
>I just have to include it in the slapd.conf  and then restart the
>daemon ?

Yes.

>Can we use saslRegexp with this version of openldap ?

I don't recall.  Check the slapd.conf(5) manual page that
shipped with the version you are using.

>ACL : I'm using gssapi to connect to kerberos to get my password.
>with this acl example (after a kinit kerberos_user):
>access to *
>   by "uid=kerberos_user,cn=gssapi,cn-auth" write
>    by * none

That ACL appears to be invalid.  However, as I don't recall
the particulars of 2.0, so I won't attempt to offer a suggestion
on how to correct it.

>And then I do a ldapsearch -Y
>
>it's always the by * ... that applied.

Suggest you use enable and then examine server logs here to
sort out what's happening here.

References:
- 3 newbie questions : include new schema, ACL,
  - From: Frederic Medery <fmedery@gmail.com>

Prev by Date: RE: Openldap scalability problems
Next by Date: Re: 3 newbie questions : include new schema, ACL,
Index(es):
- Chronological
- Thread