[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Subtree search.
- To: openldap-software@OpenLDAP.org
- Subject: Subtree search.
- From: Relho de Couro <relho.de.couro@gmail.com>
- Date: Thu, 25 Nov 2004 17:19:30 -0200
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=JC3F9vhI7JR3ujfWLMpU6stPopb38Merk7M0tGHnIH2Eho2/g79NywyDXXDq2r0EElrndeAwTQOR7Y2KGaOflAgGqTJkdB+w09epTkUMKkB5uN5fJmwzTsrhrkbQ/iqGi7Ep20NufZu7V9SWLdh+blQhPGiqXHvPxGOd1V1FjgM=
- In-reply-to: <4b3429d804112510392eec957b@mail.gmail.com>
- References: <4b3429d804112510392eec957b@mail.gmail.com>
Hi,
Well, I'm having a little trouble with ldapsearch. Actually,
I don't know if the issue resides on this search tool, because the
same problem happened with perl-ldap.
I have a LDAP data base managed by OpenLDAP. I've an organizational
subtree called
ou=Management,dc=Department,dc=Institution. In slapd.conf I've
permissions like these:
access to dn=".*ou=Management,dc=Department,dc=Institution"
by anonymous auth
by dn="cn=Manager,ou=Administration,dc=Department,dc=Institution"
+wrscx
by dn=".*,dc=Department,dc=Institution" =r
by self write
The problem is: I cannot access (lets say, read) the complete subtree
entries (from ou=Management,dc=Department,dc=Institution) using
cn=Manager,ou=Administration,dc=Department,dc=Institution as the
binder DN. Yet, using the main OpenLDAP manager DN
(cn=root,dc=Department,dc=Institution) I can read all subtree's
entries (entries I mean by leaf DNs, subtree DNs and their leaf DNs,
and so on), using the same search command/code.
( seach query: ldapsearch -x -L -D
"cn=Manager,ou=Administration,dc=Department,dc=Institution" -w
password -b ou=Management,dc=Department,dc=Institution)
Could anyone give any suggestion/idea on what could be going on, please?
Thanks in advance,
--
Relho de Couro