
Addressbook ACL woes



Hi Folks

I have the following ACL:

# allow user to create entries in own addressbook; no-one else can access it
# needs write access to the entry's ENTRY attribute ...
access to dn.regex="cn=([^,]+),ou=personal,ou=contacts,dc=graylion,dc=net$"
        attrs=entry,@inetOrgPerson,@mozillaAbPersonAlpha
        by dn.regex="uid=$1,ou=accounts,dc=graylion,dc=net" write
        by dn.regex="cn=admin,dc=graylion,dc=net" read
        by users none

# ... and the entry's CHILDREN
access to dn.regex="cn=([^,]+),ou=personal,ou=contacts,dc=graylion,dc=net$"
        attrs=children
        by dn.regex="uid=$1,ou=accounts,dc=graylion,dc=net" write
        by dn.regex="cn=admin,dc=graylion,dc=net" read
        by users none

When I try to create an addressbook entry, I get the following error message:

Apr 4 19:27:31 collab slapd[32121]: conn=30 op=4 ADD dn="cn=graylion,ou=personal,ou=contacts,dc=graylion,dc=net"
Apr 4 19:27:31 collab slapd[32121]: conn=29 op=5 ADD dn="uid=3c1fe30f930ea6cf1c0a85cd76d2b52d,cn=graylion,ou=personal,ou=contacts,dc=graylion,dc=net"
Apr 4 19:27:31 collab slapd[32121]: conn=29 op=5 RESULT tag=105 err=50 text=no write access to parent
Apr 4 19:27:31 collab slapd[32121]: conn=30 op=4 RESULT tag=105 err=0 text=


Even though it just added the parent?? Consecutive attempts do not help.

Any help appreciated.

Cheers

Bernhard
--
Graylion's Fetish & Fashion Store
Goth and Kinky Boots, Clothing and Jewellery
http://www.graylion.net
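
The following is an added illustration, not part of the original message: it works out which bind DN the two posted rules require for the DNs that appear in the log. Python's `re` stands in for slapd's regex matching, the bind DNs are constructed because the log does not show the bound identity, and any other rules in slapd.conf are not modelled.

```python
import re

# Target pattern and "by ... write" subject shared by both rules in the post.
TARGET_RE = r"cn=([^,]+),ou=personal,ou=contacts,dc=graylion,dc=net$"
WRITER_TMPL = "uid=$1,ou=accounts,dc=graylion,dc=net"

def parent_dn(dn):
    """Drop the leftmost RDN (assumes no escaped commas in the DN)."""
    return dn.split(",", 1)[1]

def writer_pattern(target_dn):
    """Expanded 'by dn.regex' pattern for target_dn, or None if the rules do not match it."""
    m = re.search(TARGET_RE, target_dn)  # unanchored on the left, as posted
    return WRITER_TMPL.replace("$1", m.group(1)) if m else None

def may_write(target_dn, bind_dn):
    """True/False under the posted rules; None when neither rule covers target_dn."""
    pat = writer_pattern(target_dn)
    if pat is None:
        return None
    return re.search(pat, bind_dn) is not None

def add_checks(new_dn, bind_dn):
    """An ADD needs write on the new entry's 'entry' and on the parent's 'children'."""
    return {"entry": may_write(new_dn, bind_dn),
            "parent_children": may_write(parent_dn(new_dn), bind_dn)}

# DNs taken from the log lines in the post.
BOOK = "cn=graylion,ou=personal,ou=contacts,dc=graylion,dc=net"
CONTACT = "uid=3c1fe30f930ea6cf1c0a85cd76d2b52d," + BOOK
# Constructed bind DNs (assumption): the log does not show who was bound.
OWNER = "uid=graylion,ou=accounts,dc=graylion,dc=net"
OTHER = "uid=alice,ou=accounts,dc=graylion,dc=net"

if __name__ == "__main__":
    for label, dn, who in [("contact as owner", CONTACT, OWNER),
                           ("contact as other", CONTACT, OTHER),
                           ("book as owner", BOOK, OWNER)]:
        print(label, add_checks(dn, who))
```

Because the target pattern has no left anchor, it matches the contact entry as well as the address book, with `$1` bound to `graylion` in both cases. The `None` for the address book's own parent shows that the two posted rules say nothing about creating `cn=graylion` itself, so the successful ADD on conn=30 was allowed by something outside them.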