Net Warrior wrote: > HI Masarati. > >> I assume the wrapping of those lines is caused by your mailer; remember >> that continuation lines in slapd have to start with a blank (space, tab) > That's true > >> This "set" statement contains an error: a closing bracket ")" is >> missing; I believe this is breaking your ACL. To check, remove the >> "set" clause and leave just the "peername" clause (in general: before >> assuming the error in one place, remove all possible cruft from 'round >> it, to remove all possible noise). > > Thanks you for pointing that out, corrected. > >> To check, remove the >> "set" clause and leave just the "peername" clause > > Done > access to attrs=userPassword,shadhowLastChange > by peername.ip=172.16.4.100 auth > by self write > by * none > > And cannot login, I've configured acl log, do you want to post some of them? > What I noted is that if I add by anoynymous auth I can login, but if I > change for example > by peername.ip=172.16.4.100 none, is the same, is seems as if it did not > take into account the first rule.
Going back too your initial message, it appears that incoming connections are issued by 172.16.4.120, not 172.16.4.100: Jan 1 17:56:48 netwarrior slapd[2498]: conn=9 fd=13 ACCEPT from IP=172.16.4.120:53861 (IP=0.0.0.0:636) Can you re-check this? p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: [EMAIL PROTECTED] --------------------------------------- --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
