[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL and set problem

To: openldap-technical@openldap.org
Subject: ACL and set problem
From: Cole <cole@opteqint.net>
Date: Thu, 18 Feb 2016 10:09:38 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=opteqint-net.20150623.gappssmtp.com; s=20150623; h=mime-version:date:message-id:subject:from:to:content-type; bh=rZwO2ryEYW07aKYrJLrvP/zTRJchFEIEflGX7U0WfdU=; b=DpqyGD8pY+sYUV3Cmp5acaQbv2DKxzxzaru1GfKaUGJ39hy7dqFgWrwB2cGX+k4tyQ LQs9qTShI3+EqC7o00em8uG26kfDDRD3Rd5Xx999D3wOPvvXpgb2oZ1QX8O/feTcIlK6 WcFd40wUJYxZJhtUtB2DTyz7VXUASlPsyOXKxAktySmJAdmP8haFYNvjP+vw412cLW4x sPuNc53jOWEM+I6RBzg7+P7R2U5ZY1Cv9qZ0WfZx90s1R0OFXQKgQaVnqWcJvz3S7/Q4 D0G0/qTUDrCagh49bF56jgYzIupenVBKsJWOA0y7XCJYehxLVpGDWMGDNfrhwNGM9vra 58iA==

Hi,

I have setup openldap and managed to get everything working, except
for limiting access using an ACL with a set.

Here is the output of the database and config:
https://gist.github.com/onslauth/d6502df4d395dbdf9b19

What I want to achieve, is to limit ssh access to a computer, by
adding users or groups to the cn=10.0.0.92,ou=servers group. When I
try to bind to openldap with a user in the afore mentioned group, I
get "Invalid credentials" error.

I have included at the bottom of the gist the ACL log level output. As
you can see, the set seems to be expanded correctly, but it doesn't
seem to match the 'user' used for the bind.

Can anyone see anything wrong with my setup?

Thanks
/Cole

Prev by Date: Re: chain-uri with a blank?
Next by Date: slapo-accesslog: wrong timestamp microseconds
Index(es):
- Chronological
- Thread