> Hi, > > I've posted the following question, but no one seemed to answer it. I > guess that I'm missing something trivial. I would appreciate if someone > could help. > > Thanks, > Eran > > // Original message > /////////////////// > > Hi, > > I've added SASL configuration to the test slapd that I'm using. I've > added the following to the slapd.conf: > > disallow bind_simple > disallow bind_anon > sasl-secprops noanonymous > sasl-host localhost > > ####################################################################### > # BDB database definitions > ####################################################################### > > I've added a test user using the saslpasswd2 utility. When I'm trying to > access the bdb database, everything seems to be OK. But, when I try to > search the "cn=config" sub tree, I get the following: > > ldapsearch -a always -O noanonymous -U [EMAIL PROTECTED] -Y login -w > password -b "cn=schema,cn=config" > SASL/LOGIN authentication started > SASL username: [EMAIL PROTECTED] > SASL SSF: 0 > # extended LDIF > # > # LDAPv3 > # base <cn=schema,cn=config> with scope subtree > # filter: (objectclass=*) > # requesting: ALL > # > > # search result > search: 4 > result: 50 Insufficient access > > # numResponses: 1 > > Can someone please explain what I'm missing here.
Did you set that user (actually, the DN it's expanded as; see authz-regexp in slapd.conf(5)) as the rootdn of the config database? For example, database config rootdn "uid=erantest,cn=eranl,cn=login,cn=auth" p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: [EMAIL PROTECTED] ------------------------------------------
