trouble with access control
Hello,
I am new to OpenLDAP and to this list, too.
My problem is as follows:
I have set up an OpenLDAP server with simple bind.
Everything works fine when using rootdn to access my data.
There are several address books in different DNs.
My access controls are:
access to *
    by * read
access to dn.subtree="dc=mydoamin,dc=tld"
    by dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" write
    by * none
When trying to change or add a record to whatever dn I get an error that there
is no write access to this record.
Here are the syslog entries:
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 fd=8 ACCEPT from IP=10.255.80.1:16101 (IP=0.0.0.0:389)
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=0 BIND dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" method=128
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=0 BIND dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" mech=SIMPLE ssf=0
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=0 RESULT tag=97 err=0 text=
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=1 SRCH base="ou=Kunden,ou=Dr. Harry Knitter EDV-Beratung,dc=mydomain,dc=tld" scope=1 deref=0 filter="(objectClass=*)"
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=1 SRCH attr=l cn description facsimileTelephoneNumber sn displayName givenName jpegPhoto mail mobile o pager homePhone postalCode st street telephoneNumber title uid
Apr 13 08:33:38 blechtrottel slapd[7163]: conn=4 op=1 SEARCH RESULT tag=101 err=0 nentries=22 text=
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 fd=14 ACCEPT from IP=10.255.80.1:16102 (IP=0.0.0.0:389)
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=0 BIND dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" method=128
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=0 BIND dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" mech=SIMPLE ssf=0
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=0 RESULT tag=97 err=0 text=
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=1 SRCH base="ou=Kunden,ou=Dr. Harry Knitter EDV-Beratung,dc=mydomain,dc=tld" scope=1 deref=0 filter="(uid=kaiphw92rb)"
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=1 SRCH attr=dn
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=5 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=4 op=2 ADD dn="cn=test test,ou=Kunden,ou=Dr. Harry Knitter EDV-Beratung,dc=mydomain,dc=tld"
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=4 op=2 RESULT tag=105 err=50 text=no write access to entry
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=4 op=3 UNBIND
Apr 13 08:34:00 blechtrottel slapd[7163]: conn=4 fd=8 closed
What's wrong?
Thanks for help.
Regards
Harry
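
Added example, not part of the original post and not slapd's own code: a simplified Python model of slapd's first-match access evaluation, applied to the two clauses above and to the same clauses in the opposite order. The names (`granted`, `can_write`, `POSTED`, `REORDERED`) are hypothetical, and the subtree suffix is assumed to be spelled `dc=mydomain,dc=tld` as in the log.

```python
# Simplified model of slapd ACL evaluation: the first "access to <what>"
# clause whose target matches the entry is the only one consulted, and
# inside it the first matching "by <who>" decides the access level.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

def norm(dn):
    # Crude DN normalisation: lower-case, trim spaces around the commas.
    return ",".join(part.strip().lower() for part in dn.split(","))

def target_matches(what, entry_dn):
    if what == "*":
        return True
    kind, _, base = what.partition("=")
    base, entry = norm(base.strip('"')), norm(entry_dn)
    if kind == "dn.subtree":
        return entry == base or entry.endswith("," + base)
    return entry == base  # treat any other dn style as an exact match

def granted(acl, who_dn, entry_dn):
    for what, by_clauses in acl:
        if not target_matches(what, entry_dn):
            continue
        for who, level in by_clauses:
            if who == "*" or norm(who) == norm(who_dn):
                return level
        return "none"  # implicit "by * none" closes every clause
    return "none"      # implicit "access to * by * none" closes the list

def can_write(acl, who_dn, entry_dn):
    return LEVELS.index(granted(acl, who_dn, entry_dn)) >= LEVELS.index("write")

# DNs taken from the log lines in the post.
HARRY = "uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld"
NEW_ENTRY = "cn=test test,ou=Kunden,ou=Dr. Harry Knitter EDV-Beratung,dc=mydomain,dc=tld"

# Clause order as posted (suffix spelling assumed, see lead-in).
POSTED = [
    ("*", [("*", "read")]),
    ('dn.subtree="dc=mydomain,dc=tld"', [(HARRY, "write"), ("*", "none")]),
]
# Same clauses, most specific target first.
REORDERED = [POSTED[1], POSTED[0]]

if __name__ == "__main__":
    for name, acl in (("posted", POSTED), ("reordered", REORDERED)):
        print(name, "harry:", granted(acl, HARRY, NEW_ENTRY),
              "| anonymous:", granted(acl, "", NEW_ENTRY))
```

In the reordered list the `by * none` line also denies anonymous `auth` access below the suffix, which slapd needs on `userPassword` for a simple bind to succeed, so a real configuration needs a clause covering that.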