[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 3 newbie questions : include new schema, ACL,



At 05:21 AM 8/31/2004, Frederic Medery wrote:
>Hello,
>
>My server : Redhat AS 3 (openldap 2.0.x)

2.0 is historic, you should consider upgrading.

>When I add another schema to slapd.conf (mic.schema) for example., do
>I just have to include it in the slapd.conf  and then restart the
>daemon ?

Yes.

>Can we use saslRegexp with this version of openldap ?

I don't recall.  Check the slapd.conf(5) manual page that
shipped with the version you are using.

>ACL : I'm using gssapi to connect to kerberos to get my password.
>with this acl example (after a kinit kerberos_user):
>access to *
>   by "uid=kerberos_user,cn=gssapi,cn-auth" write
>    by * none

That ACL appears to be invalid.  However, as I don't recall
the particulars of 2.0, so I won't attempt to offer a suggestion
on how to correct it.

>And then I do a ldapsearch -Y
>
>it's always the by * ... that applied.

Suggest you use enable and then examine server logs here to
sort out what's happening here.