[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: what is wrong with my permissions?
Hi Ferenc,
Thank you for help. I did look at the link, and even tried to
understand rules earlier. Hence, we see albeit poorly written
something....
I also appreciate you helping me earlier, when I was just starting
with OpenLDAP.
I want it to be something like:
olcAccess: {1}to * by dn="cn=config" manage
Basically, I want dn=cn=config to have full root access over
everything. I also want this password ideally to be password
protected.
Does it make sense? Can it be done?
Sincerely,
Igor Shmukler
On Thu, Mar 19, 2015 at 2:13 PM, Ferenc Wagner <wferi@niif.hu> wrote:
> Igor Shmukler <igor.shmukler@gmail.com> writes:
>
>> $ sudo ldapdelete -Y external -H ldapi:/// cn=john,dc=directory,dc=com
>> SASL/EXTERNAL authentication started
>> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
>> SASL SSF: 0
>> ldap_delete: Insufficient access (50)
>> additional info: no write access to parent
>>
>> As you suggested, this is not working. Can this work somehow? I would
>> rather just cn=config with a password, which I am able to set. LDAPI
>> is work too, although not my preferred route.
>
> Add your olcAccess rules to the right database. Or to the frontend
> database. It's explained in the link I gave you:
> http://www.openldap.org/devel/admin/slapdconf2.html#Access%20Control%20Evaluation
> --
> Regards,
> Feri.