Hello list,

I am a sysadmin with limited experience with LDAP, and I am having a
little issue with ACLs on an OpenLDAP server. The server has been
running for more than a year as an auth. backend for Plone. However,
recently I wanted to use the same user name/password information for
other purposes and then I ran into a problem:

I cannot bind to the server as a non-root DN.

More concrete example:

# ldapsearch -D "cn=my_own_user_id,dc=example,dc=be" -x \
    "(&(cn=editors)(uniqueMember=cn=someuser,dc=example,dc=be))" -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

I'll paste the ACLs from my slapd.conf file:


access to attrs=userPassword
       by dn="cn=admin,dc=example,dc=be" write
       by anonymous auth
       by self write
#by * none
#access to dn.base="" by * read
access to *
       by dn="cn=admin,dc=example,dc=be" write
       by dn="cn=admin,dc=example,dc=be" read
       by * read

I would think that normally, "by anonymous auth" would allow any user
(inetOrgPerson) to bind to the server? Can anyone help?

Thanks in advance.

--
Frank Van Damme

"All PCs are compatible. But some of them are more compatible than
others." [Unknown]
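
Added example, not part of the original post: a simplified Python model of slapd's first-match ACL evaluation, run over the ACL block pasted above, to show which access level each kind of client gets on userPassword. The function names are hypothetical, DNs are compared as literal strings, and only the `attrs=`, `*`, `dn=`, `anonymous` and `self` forms used in the post are handled.

```python
import re

LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

# The ACL block from the post, verbatim; commented-out lines are skipped by the parser.
ACL_TEXT = '''
access to attrs=userPassword
       by dn="cn=admin,dc=example,dc=be" write
       by anonymous auth
       by self write
#by * none
#access to dn.base="" by * read
access to *
       by dn="cn=admin,dc=example,dc=be" write
       by dn="cn=admin,dc=example,dc=be" read
       by * read
'''

def parse_acl(text):  # -> [(what, [(who, level), ...]), ...] in file order
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if m := re.match(r"access to (\S+)$", line):
            rules.append((m.group(1), []))
        elif m := re.match(r'by (?:dn="([^"]+)"|(\S+)) (\w+)$', line):
            rules[-1][1].append((m.group(1) or m.group(2), m.group(3)))
    return rules

def who_matches(who, bound_dn, target_dn):
    if who == "anonymous":
        return bound_dn is None
    if who == "self":
        return bound_dn is not None and bound_dn == target_dn
    return who == "*" or bound_dn == who  # "*" or a literal dn="..." (simplification)

def access_level(rules, attr, bound_dn, target_dn):
    """First matching 'access to' wins, then its first matching 'by'; otherwise none."""
    for what, by_clauses in rules:
        if what == "*" or attr in what.removeprefix("attrs=").split(","):
            return next((lvl for who, lvl in by_clauses
                         if who_matches(who, bound_dn, target_dn)), "none")
    return "none"

def can_bind(rules, target_dn):
    """A simple bind is evaluated as anonymous and needs at least auth on userPassword."""
    level = access_level(rules, "userPassword", None, target_dn)
    return LEVELS.index(level) >= LEVELS.index("auth")
```

With these rules an anonymous client gets auth on userPassword, which is the level a simple bind needs, while an authenticated user other than the entry's owner or the admin DN gets none on that attribute.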
