[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
I have followed the format in slapd.access. How can this still be a bad dn??
- To: openldap-software@OpenLDAP.org
- Subject: I have followed the format in slapd.access. How can this still be a bad dn??
- From: jay alvarez <ldapb0y@yahoo.com>
- Date: Tue, 28 Jun 2005 02:12:43 -0700 (PDT)
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=6A2b32IY+oQlkXFGyAu+OG/DFnI8Tm8DPsCvI0dfYUruEZh9tYdUV8pEsVGkB24w0hknRkLYvR2k1eGutrdwbu4zONBHqMcTSZk8UFOkAU7SnVf8m8Bud2LBoJrGcJDDPHmNWfKMGNjnpDqOkLYQmfQlwXT8iKU5Txo1ZncEbG4= ;
Hi,
My access list is very simple, grant access to
everyone to anywhere by my sasl converted dn.
Here's the config directives:
#sasl-host gaheris.camlann.pregi.net
sasl-realm CAMLANN.PREGI.NET
sasl-regexp
uid=(.*),cn=camlann.pregi.net,cn=gssapi,cn=auth
uid=$1,ou=staff,dc=preginet
#<<< Begin Access Control >>>
access to * by dn="uid=matato,ou=staff,dc=preginet"
read
When I change this access to * by *, the regexp works
and I can see that
uid=matato,cn=CAMLANN.PREGI.NET,cn=gssapi,cn=auth
is being replaced by:
uid=matato,ou=staff,dc=preginet
How come when I change the access to:
access to * by dn="uid=matato,ou=staff,dc=preginet"
read
It says bad DN:
I've read slapd.access(5) and I've followed this
format
access to *
by dn[.<dnstyle>[,<modifier>]]=<DN> read
Such that if I were to give a read access to
uid=matato,ou=staff,dc=preginet.. I would say
by dn="uid=matato,ou=staff,dc=preginet" or
by dn.exact="uid=matato,ou=staff,dc=preginet"
But still, I get the same error:
line 10: bad DN "uid=matato,ou=staff,dc=preginet" in
by DN clause
BTW. I've been to the faq and found this but didn't
quite helped me...
"The target (or other) DN of the operation is invalid.
This implies that either the string representation of
the DN is not in the required form, one of the types
in the attribute value assertions is not defined, or
one of the values in the attribute value assertions
does not conform to the appropriate syntax. "
I can't see why the I have supplied dn is being
treated invalid after following the slapd.access
format....
Any idea?
Thanks!
____________________________________________________
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
http://football.fantasysports.yahoo.com