Hi All,I am getting ACL Syntax Error(-5) when trying to add ACI to my freeIPA
server. Any idea why i am getting this error?
This is the error i am getting:
ldap_modify: Invalid syntax (21)
additional info: ACL Syntax
Error(-5):(targetattr=\22userclass\22)(targetfilter=\22(objectclass=ipahost)\22)(version3.0;
acl \22permission:Allow admin to modify hosts membership within permitted
hostgroups\22; allow (write) groupdn
=\22ldap:///cn=testadmingroup,cn=groups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com\22;)
my ldif entries:
dn: cn=computers,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com
add: aci
aci: (targetattr = "userclass")(targetfilter =
"(objectclass=ipahost)")(version3.0;acl "permission:Allow admin to modify
hosts membership within permitted hostgroups";allow (write) groupdn
="ldap:///cn=testadmingroup,cn=groups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com";;)
Also, one general question i should be able to view the ACI under freeIPA
permission tab once it gets created correct?
Thanks & regards,Deepak
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
