
Problem with ACL's: can't bind as a non-root DN



Hello list,

I am a sysadmin with limited experience with LDAP, and I am having a
little issue with ACLs on an OpenLDAP server. The server has been
running for more than a year as an auth backend for Plone. However,
recently I wanted to use the same user name/password information for
other purposes and then I ran into a problem:

I cannot bind to the server as a non-root DN.

More concrete example:

# ldapsearch -D "cn=my_own_user_id,dc=example,dc=be" -x \
    "(&(cn=editors)(uniqueMember=cn=someuser,dc=example,dc=be))" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

I'll paste the ACLs from my slapd.conf file:


access to attrs=userPassword
        by dn="cn=admin,dc=example,dc=be" write
        by anonymous auth
        by self write
#by * none

#access to dn.base="" by * read

access to *
        by dn="cn=admin,dc=example,dc=be" write
        by dn="cn=admin,dc=example,dc=be" read
        by * read

I would think that normally, "by anonymous auth" would allow any user
(inetOrgPerson) to bind to the server? Can anyone help?

Thanks in advance.

--
Frank Van Damme

"All PCs are compatible. But some of them are more compatible than
others." [Unknown]
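
Added example, not part of the original post and not OpenLDAP code: a simplified Python model of how slapd evaluates the ACLs quoted above (first matching "access to" clause, then first matching "by" clause, with the implicit "by * none" at the end of each clause). The function names and the model are assumptions made for illustration, and only the who-forms used in the post are handled.

```python
# Simplified model of slapd access evaluation for the ACLs in the post.
# Assumption: only "dn=", "anonymous", "self" and "*" who-forms are modelled.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

ADMIN = "cn=admin,dc=example,dc=be"

# The ACLs from the post, in order, with the commented-out lines left out.
ACLS = [
    ("userPassword", [("dn=" + ADMIN, "write"), ("anonymous", "auth"), ("self", "write")]),
    ("*", [("dn=" + ADMIN, "write"), ("dn=" + ADMIN, "read"), ("*", "read")]),
]

def who_matches(who, requester, target):
    """requester is the bound DN, or None for an anonymous session."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if who == "self":
        return requester is not None and requester.lower() == target.lower()
    if who.startswith("dn="):
        return requester is not None and requester.lower() == who[3:].lower()
    return False

def granted_level(attr, requester, target, acls=ACLS):
    """Access level the requester gets on attr of the target entry."""
    for what, by_clauses in acls:
        if what != "*" and what.lower() != attr.lower():
            continue                      # this clause does not cover attr
        for who, level in by_clauses:     # first matching "by" wins
            if who_matches(who, requester, target):
                return level
        return "none"                     # implicit "by * none" ends the clause
    return "none"                         # no clause matched at all

def allows(attr, requester, target, needed):
    """True if the granted level is at least the needed level."""
    got = granted_level(attr, requester, target, ACLS)
    return LEVELS.index(got) >= LEVELS.index(needed)
```

In this model an anonymous session is granted auth on userPassword, which is the access slapd checks while a simple bind is still in progress, and one user cannot read another user's userPassword.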