[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Possible ACL Issue while try to read Root DSE
Am 28.11.2011 21:48, schrieb Quanah Gibson-Mount:
> --On Monday, November 28, 2011 9:34 PM +0100 Axel Birndt
> <towerlexa@gmx.de> wrote:
>
>> But if i use ldapsearch with the following command i got nothing:
>>
>> ldapsearch -b "" -s base 'objectclass=*'
>>
>> ldap_sasl_interactive_bind_s: No such object (32)
> It is clearly failing with anonymous binds. So yes, this would be an ACL
> issue. I would suggest you peruse your ACLs and fix accordingly.
Ok thanks. Of course i will fix my acl's, but in the moment its not
clear for me how i've to change my acl's.
Here are my acls for the
olcDatabase={1}hdb,cn=config
-----------------------------------
olcAccess
(5 values)
{0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=2axelscompany,
dc=ro" write by anonymous auth by self write by * none
{1}to dn.base="" by * read
{2}to dn.base="cn=subschema" by * read
{3}to dn.base="cn=schema,cn=config" by * read
{4}to * by dn="cn=admin,dc=2axels-company,dc=de" write by * read
Could you please double check, my acl's?
i've added the entrys {2} and {3} after the hint to make the schema and
subschema readable for all, but i'am afraid i make a mistake.
Otherwise i setup my openldap server with the following guide:
http://wiki.ubuntuusers.de/OpenLDAP
--
Gruß Axel
------------------------------