Dieter Kluenter wrote: > JOYDEEP <[EMAIL PROTECTED]> writes: > > >> Dear list, >> >> Please see below my LDAP structure >> > > [...] > >> *################ personal ACL ####################### >> access to >> dn.regex="cn=([^,]+),ou=personal,ou=contacts,ou=contacts,virtualDomain=([^,]+),dc=suse,dc=ldap$" >> by dn.exact,expand="uid=$1,ou=users,virtualDomain=$2,dc=suse,dc=ldap" >> read >> by * none >> >> access to >> dn.regex="cn=([^,]+),ou=personal,ou=contacts,,ou=contactsvirtualDomain=([^,]+),dc=suse,dc=ldap$" >> by dn.regex="uid=$1,ou=users,virtualDomain=$2,dc=suse,dc=ldap" write >> by * none >> ################################################# >> >> the log reports ****tag=105 err=50 text=no write access to parent********** >> could any one suggest how to solve the problem ? >> thanks >> > > Allow access to the pseudo attributs entry and children of the parent. > > access to > dn.regex=^ou=personal,ou=contacts,ou=contactsvirtualDomain..... > attrs=entry,children,@someObjectClass > by ... > > -Dieter > > Thanks Dieter for your response,
I have modified the ACL according to your suggestion and it is access to dn.regex="^ou=personal,ou=contacts,ou=contacts,virtualDomain=([^,]+),dc=suse,dc=ldap$" attrs=entry,children,@inetOrgPerson,@mozillaAbPersonAlpha,@evolutionPerson by dn.exact,expand="uid=$1,ou=users,virtualDomain=$2,dc=suse,dc=ldap" write by * none but still I have the same problem and the log reports as conn=40 op=2 ADD dn="uid=d61af5515669698f52734f247c0f68ae,cn=bisu,ou=personal,ou=contacts,ou=contacts,virtualDomain=kolkata.opendingo.com,dc=suse,dc=ldap" Jul 9 08:00:53 lvps87-230-8-228 slapd[14106]: conn=40 op=2 RESULT tag=105 err=50 text=no write access to parent Please help me to solve it. thanks a lot for your help
