[Date Prev][Date Next] [Chronological] [Thread] [Top]

no write access to parent

To: OpenLDAP <openldap-software@openldap.org>
Subject: no write access to parent
From: Irina Shetukhina <irka@masterhost.ru>
Date: Wed, 11 Feb 2009 19:50:26 +0300
Organization: .masterhost

Hi.

There is acl in slapd.conf:

access to dn.one="ou=personal,ou=groups,o=vega"
        by group/groupOfUniqueNames/uniqueMember="cn=users-admins,ou=groups,o=vega" write
        by group/groupOfUniqueNames/uniqueMember="cn=tree-admins,ou=groups,o=vega" write
        by users read

And when  any  of  the  members of "cn=users-admins,ou=groups,o=vega"
tries to add a new object, he's got an error:
 no write access to parent

But he can modify exiting object without errors.

If I change dn.one to dn.sub, there is no errors at all.

Could anybody explain, what modification needs to parent object?

Our system:
$ uname -rs; pkg_info -Ix openldap-serv
FreeBSD 7.1-amd64-20090114-RELENG_7_1
openldap-server-2.4.13 Open source LDAP server implementation


-- 
Irina Shetukhina

Follow-Ups:
- Re: no write access to parent
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: RE: Paged Results Control questions
Next by Date: RE: Paged Results Control questions
Index(es):
- Chronological
- Thread