Re: Problem after migration openldap 2.3.43 to 2.4.23 --> 32 No Such Object

[Jonas Kellens <jonas.kellens@telenet.be>]

On 13-03-14 18:38, Quanah Gibson-Mount wrote:

--On Thursday, March 13, 2014 4:12 PM +0100 Jonas Kellens <jonas.kellens@telenet.be> wrote:

what kind of adjustments are needed then ?

access to dn.
          by group.exact="cn=admins,ou=101001,dc=mydomain" write
          by group.exact="cn=tbook1,ou=gebruikers,ou=101001,dc=mydomain"
read


What of the above ACL-statement is incorrect ?

Is that your one and only ACL?  I'm going to guess not.  It's not particularly easy to evaluate ACLs out of context, since the entire thing is contextual.

--Quanah

Well actually, this is the entire ACL :


database        bdb
suffix          "dc=mydomain"
rootdn          "cn=Manager,dc=mydomain"
rootpw         {SSHA}blCAG/CNdFPY597Cf4Ssujk

defaultaccess   none

access to attrs=userPassword
        by * auth

access to dn.regex="ou=tbook[12345],ou=contacten,ou=101001,dc=mydomain" attrs=children
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by * none break

access to dn.
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by group.exact="cn=tbook1,ou=gebruikers,ou=101001,dc=mydomain" read

access to dn.
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by group.exact="cn=tbook2,ou=gebruikers,ou=101001,dc=mydomain" read

access to dn.
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by group.exact="cn=tbook3,ou=gebruikers,ou=101001,dc=mydomain" read

access to dn.
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by group.exact="cn=tbook4,ou=gebruikers,ou=101001,dc=mydomain" read

access to dn.
        by group.exact="cn=admins,ou=101001,dc=mydomain" write
        by group.exact="cn=tbook5,ou=gebruikers,ou=101001,dc=mydomain" read



Do you see anything wrong ?

As said before, works perfect on openLDAP version 2.3.42


Kind regards,
Jonas.