[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Newbie Question: How to set write access to everybody
- To: openldap-software@OpenLDAP.org
- Subject: Newbie Question: How to set write access to everybody
- From: Yang Xiang <yang.xiang.sd@gmail.com>
- Date: Mon, 28 Feb 2005 18:01:50 +0000
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=Uoy+jBt+u3yk6wGnXdtp50cJ1nH7RJy/z9g0UdV0qwdZSD2NJCnfYMDS2NNlZWxw16cVq9C5kb65GfL+88ySM305/FESZT9qgEsMZVy+os0XwfxUSkpNmMpunmyM7753QglDVmbvFx4tpOX3oz0XyyKRVXzhLnQtVIFPKzrULcI=
Hi,
I am working with a C/C++ API based client to add/modify entries to an
internal LDAP database and thus we don't require any type of
authentication.
I've put "defaultaccess write" and hoped that would grant access to
anybody to do a ldap_add_entry_s call without performing a
ldap_simple_bind first. But it kept on telling me "Insufficient
Access". I also tried to set access to * by * write to each database.
What should I do in this case to achieve the effect of open access to
anybody? Because potentially I can have several hundreds database
configured in this one slapd-conf and I don't want to create rootdn
and rootpw for each of them and perform ldap_simple_bind everytime I
want to modify a different database instance. What I really want to
achieve is: login/bind once and then I can write to any database
inside this slapd.
Any hints would be deeply appreicated. My current slapd conf is attached.
Thanks,
Yang Xiang
#
# sample slapd config file
#
include /usr/local/etc/openldap/schema/core.schema
idletimeout 3600
sizelimit 75000
timelimit 300
loglevel -1
#threads 5
defaultaccess write
# DB1
database ldbm
suffix ou=0,ou=rs,ou=msrs,ou=agent,dc=my-ldap,dc=com
access *
by * write
directory /home/agent/ldapdb/rs0
# DB2
database ldbm
suffix ou=1,ou=rs,ou=msrs,ou=agent,dc=my-ldap,dc=com
access *
by * write
directory /home/agent/ldapdb/rs1