On Thu, 2005-12-22 at 16:19 +0200, Amir Saad wrote: > i use openldap 2.3.11 , Heimdal Kerberos , Fedora 4
... > here is my ACL files: (manager is my rootdn) > ************************************************************************************************************************* > access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org" > attrs=userPassword > by dn="cn=Manager,dc=test,dc=domain,dc=mydomain,dc=org" write > by self write > by * auth > access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org" > by * read > access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org" > by self write > by * read > ************************************************************************************************************************* I don't know if that's part of the problem, but in your ACLs you're building up most, if not all, the common errors that are widely illustrated in slapd.access(5) and in the FAQ. Did you read (and understand) any of those docs before implementing your own ACLs? I note the OpenLDAP Project routinely gets complaints about the lack of documentation; when documentation is available, it appears that people don't really bother at reading (and understanding) it, so what really pays back for the effort of writing and keeping it updated? p. Ing. Pierangelo Masarati Responsabile Open Solution OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: [EMAIL PROTECTED] ------------------------------------------
