Hi,

I have these ACLs in place:

olcAccess: {0}to dn.base="dc=teckids,dc=org"
  by group.exact="cn=ldapadmin,ou=Groups,dc=teckids,dc=org" manage
  by dn="cn=admin,dc=teckids,dc=org" manage
  by self read continue
  by * auth break
olcAccess: {1}to dn.base="ou=Mailinglists,dc=teckids,dc=org"
  by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read continue
  by * break
olcAccess: {2}to attrs=userPassword,shadowLastChange,loginShell
  by self write continue
  by anonymous auth continue
  by * break
olcAccess: {3}to dn.subtree="ou=People,dc=teckids,dc=org" attrs=cn,uid,loginShell,homeDirectory,uidNumber,gidNumber,gecos
  by dn="cn=nslcd,dc=teckids,dc=org" read continue
  by * break
olcAccess: {4}to dn.subtree="ou=People,dc=teckids,dc=org" attrs=uid,mailLocalAddress,mailRoutingAddress
  by dn="cn=postfix,dc=teckids,dc=org" read continue
  by * break
olcAccess: {5}to dn.subtree="ou=Members,ou=People,dc=teckids,dc=org" attrs=employeeNumber
  by dn.subtree="ou=Board,ou=Members,ou=People,dc=teckids,dc=org" read continue
  by * none stop
olcAccess: {6}to dn.subtree="ou=Members,ou=People,dc=teckids,dc=org"
  by dn.subtree="ou=Members,ou=People,dc=teckids,dc=org" read continue
  by * break
olcAccess: {7}to dn.subtree="ou=Groups,dc=teckids,dc=org"
  by dn="cn=nslcd,dc=teckids,dc=org" read continue
  by * break
olcAccess: {8}to dn.subtree="ou=Domains,dc=teckids,dc=org"
  by dn="cn=postfix,dc=teckids,dc=org" read continue
  by * break
olcAccess: {9}to attrs=cn,uid,userPassword
  by * auth break

But still, even a simple bind fails because it somehow does not get the auth privileges defined in the first stanza.

The ACL log says: http://paste.ubuntu.com/7544324/

What did I miss?

Cheers,
Nik