> On 26 Feb 2019, at 05:09, Anuj Borah <[email protected]> wrote:
>
>
>
> Hi all,
>
> We have recently implemented Filter and Anonymous to lib389 . But it seems
> like Filter does not work with Anonymous connection .
> It actually does not work with any kind of connection whether ACI allow or
> not rather than root .
>
> My suspense is it is related to this issue which is not yet fixed:
> https://pagure.io/389-ds-base/issue/50137
>
> Please check attached test case .
I suspect they are not related, more likely the access control in your test
doesn’t allow anonymous to search objectClass under DEFAULT_SUFFIX. If you
change it to:
Domain(topo.standalone, DEFAULT_SUFFIX).replace("aci",
'(target="ldap:///{}";)(targetattr=“mail || objectClass")(version 3.0; acl
"Test";allow (read,search,compare) (userdn = "ldap:///anyone";);
)'.format(DEFAULT_SUFFIX))
(I hope I have the aci syntax correct)
>
> Regards
> Anuj Borah
> <test.py>_______________________________________________
> 389-devel mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/[email protected]
—
Sincerely,
William Brown
Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
