[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Permissions error
Matt Juszczak wrote:
Here is the output of the log file when I try to create a new group with
the access control setup I have previously shown:
I'm no expert at reading OpenLDAP log output, but FWIW...
it looks to me like you are authenticating okay, yet your groups are
malformed so you are dropping down to the who clause for users and thus
given only read access.
Apr 6 18:24:35 uranus slapd[47215]: => ldbm_back_entry_get: found
entry: "cn=admin,ou=groups,dc=mydomain,dc=net"
Apr 6 18:24:35 uranus slapd[47215]: <= ldbm_back_entry_get: failed to
find objectClass
Apr 6 18:24:35 uranus slapd[47215]: => ldbm_back_entry_get: found
entry: "cn=techs,ou=groups,dc=mydomain,dc=net"
Apr 6 18:24:35 uranus slapd[47215]: <= ldbm_back_entry_get: failed to
find objectClass
Apr 6 18:24:35 uranus slapd[47215]: <= check a_dn_pat: self
Apr 6 18:24:35 uranus slapd[47215]: <= check a_dn_pat: users
Apr 6 18:24:35 uranus slapd[47215]: <= acl_mask: [4] applying
read(=rscx) (stop)
Apr 6 18:24:35 uranus slapd[47215]: <= acl_mask: [4] mask: read(=rscx)
Apr 6 18:24:35 uranus slapd[47215]: => access_allowed: write access
denied by read(=rscx)
I'd look at those group entries.
Jon Roberts
www.mentata.com