greek ordono <[EMAIL PROTECTED]> writes: > I'm getting this error: > > > > => access_allowed: read access to > "uid=techsupport,ou=Users,dc=moldex,dc=group" "userPassword" requested > => acl_get: [1] attr userPassword > > => slap_access_allowed: result not in cache (userPassword) > > => acl_mask: access to entry "uid=techsupport,ou=Users,dc=moldex,dc=group", > attr "userPassword" requested > => acl_mask: to value by "", (=0) > > <= check a_dn_pat: cn=replicator,ou=dsa,dc=moldex,dc=group > > <= check a_dn_pat: * > > <= acl_mask: [2] applying +0 (break) > > <= acl_mask: [2] mask: =0 > > => acl_get: [2] attr userPassword > > => slap_access_allowed: result not in cache (userPassword) > > => acl_mask: access to entry "uid=techsupport,ou=Users,dc=moldex,dc=group", > attr "userPassword" requested > => acl_mask: to value by "", (=0) > > <= check a_dn_pat: cn=samba,ou=dsa,dc=moldex,dc=group > > <= check a_dn_pat: cn=nssldap,ou=dsa,dc=moldex,dc=group > > <= check a_dn_pat: cn=squid,ou=dsa,dc=moldex,dc=group > > <= check a_dn_pat: self > > <= check a_dn_pat: anonymous > > <= acl_mask: [5] applying auth(=xd) (stop) > > <= acl_mask: [5] mask: auth(=xd) > > => slap_access_allowed: read access denied by auth(=xd) > > => access_allowed: no more rules > > send_search_entry: conn 9 access to attribute userPassword, value #0 not > allowed
For this search your rule no. 5 is applicable, and this rule disallows read access to attribute userPassword. Change your access rules accordingly. -Dieter -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6
