On 31-03-14 12:52, Hallvard Breien Furuseth wrote:
> On Mon, 2014-03-31 at 10:43 +0200, Jonas Kellens wrote:
>> Well actually, this is the entire ACL :
>> (...)
>> defaultaccess none
>
> The defaultaccess keyword disappeared in OpenLDAP 2.1, and 2.4 won't
> start with it. Unless you're using a hacked version of OpenLDAP.
>
> Anyway, that's the default in RE24 for a database which has other
> access statements. And searching also needs "search" access to
> search-related items, like the baseDN. See man slapd.access.
>
> So you get what you're specifying: No access to baseDN of your search.
> Append something like this to access list:
>
>     access to * by * search

Hello,

I made the change: added the extra line to /etc/openldap/slapd.conf and removed the line with "defaultaccess none"!

The output has changed from "32 No Such Object" to "result: 0 Success". Which is a step forward, but still no results.

When I query with cn=Manager, then the results are shown:

    [root@slap01 ]# ldapsearch -x -D 'cn=Manager,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
    Enter LDAP Password:
    # extended LDIF
    #
    # LDAPv3
    # base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #

    # tbook1, contacten, 101001, mydomain
    dn: ou=tbook1,ou=contacten,ou=101001,dc=mydomain
    ou: tbook1
    objectClass: organizationalUnit
    objectClass: top

    <snip results>

    # search result
    search: 2
    result: 0 Success

    # numResponses: 5
    # numEntries: 4

But when I query with the user cn=U101001, then there are no results:

    [root@slap01 ]# ldapsearch -x -D 'cn=U101001,ou=101001,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
    Enter LDAP Password:
    # extended LDIF
    #
    # LDAPv3
    # base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #

    # search result
    search: 2
    result: 0 Success

    # numResponses: 1

Can you help me further?

Thanks,
Jonas.
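
Added example, not part of the original messages and not OpenLDAP code: a simplified Python model of the access levels described in slapd.access(5), showing how the same search can end in 32, 50, or 0 with no entries depending on the level granted to the bind DN. It models a single `access to *` statement only (the poster's full ACL is elided in the thread), assumes cn=Manager is the database rootdn, and uses constructed sample entries.

```python
# Simplified model of slapd access levels; illustration only, not OpenLDAP code.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
RANK = {name: i for i, name in enumerate(LEVELS)}

ROOTDN = "cn=Manager,dc=mydomain"            # assumption: the rootdn, which bypasses ACLs
USER = "cn=U101001,ou=101001,dc=mydomain"    # bind DN from the thread
BASE = "ou=tbook1,ou=contacten,ou=101001,dc=mydomain"
ENTRIES = [BASE, "cn=example," + BASE]       # constructed sample data

def granted(by_clauses, bind_dn):
    """Level from the first matching 'by' clause of one 'access to *' statement."""
    if bind_dn == ROOTDN:
        return "manage"
    for who, level in by_clauses:
        if who == "*" or who == bind_dn or (who == "users" and bind_dn):
            return level
    return "none"                            # implicit trailing "by * none"

def search(by_clauses, bind_dn):
    """Return (LDAP result code, entries returned) for a subtree search of BASE."""
    rank = RANK[granted(by_clauses, bind_dn)]
    if rank < RANK["disclose"]:
        return 32, []                        # noSuchObject: base is not even disclosed
    if rank < RANK["search"]:
        return 50, []                        # insufficientAccess
    if rank < RANK["read"]:
        return 0, []                         # search allowed, but entries need "read"
    return 0, list(ENTRIES)

if __name__ == "__main__":
    # No rule, the appended "by * search" rule, and a rule granting this DN "read".
    for acl in ([], [("*", "search")], [(USER, "read"), ("*", "search")]):
        print(acl, "->", search(acl, USER), "| rootdn:", search(acl, ROOTDN)[0])
```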