I have a very simple config that I can show with ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=config olcDatabase=\* dn: olcDatabase={-1}frontend,cn=config objectClass: olcDatabaseConfig olcDatabase: {-1}frontend olcAccess: {0} to * by dn="cn=Manager,dc=local,dc=bob,dc=com" manage dn: olcDatabase={0}config,cn=config objectClass: olcDatabaseConfig olcDatabase: {0}config olcAccess: {0} to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external l,cn=auth" manage olcAccess: {1} to * by dn="cn=Manager,dc=local,dc=bob,dc=com" manage dn: olcDatabase={1}monitor,cn=config objectClass: olcDatabaseConfig olcDatabase: {1}monitor olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth" read by dn.base="cn=Manager,dc=my-domain,dc=com" read by * none dn: olcDatabase={2}mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcMdbConfig olcDatabase: {2}mdb olcDbIndex: objectClass eq,pres olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub olcDbDirectory: /data/openldap olcRootDN: cn=Manager,dc=local,dc=bob,dc=com olcSuffix: dc=local,dc=bob,dc=com olcRootPW: {SSHA}3E+8/IcRHHTNez5QXlyRMP6mCZODN3LE olcAccess: {0} to * by dn="cn=Manager,dc=local,dc=bob,dc=com" manage With this config,.shouldn’t this work as well ldapsearch -x -W -D cn=Manager,dc=local,dc=bob,dc=com -b cn=config olcDatabase=\* My other question is where is there a reference to exactly what “gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth" means. I can’t seem to find one. Thanks Nick |