John Nietzsche wrote:
Dear gentlemen,
I have installed and configured a full environment containing debian,
openldap, cyrus-sasl and bdb. I am facing a curious problem in my
environment:
With an LDIF file I had inserted a set of users (replacing nis with
openldap). When I perform a ldapsearch on the tree the field
userPassword is not shown (or it was not added when importing with
ldapadd).
Did anybody already face such a scenario? I am losing my hair ....

Chances are that a rather standard ACL blocks anyone from reading the
userPassword attribute. Try doing an ldapsearch while authenticated as
your admin user instead.

Also, the command "slapcat" (run as root or as the openldap user
account) will give you a complete dump of the database, with no access
lists filtering out certain information.

Please take the time to read the slapd.conf configuration file, pretty
much is documented there (including the ACLs).
--
Bjørn
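
Added example, not part of the original messages: a shell function that reads an LDIF dump such as slapcat output and lists the DNs that carry no userPassword attribute, which separates "hidden by an ACL" from "never imported by ldapadd". The function name, the sample entries and the dc=example,dc=com suffix are constructed for illustration.

```shell
#!/bin/sh
# Reads LDIF on stdin; prints the DN of every entry without userPassword.
# A base64-encoded DN ("dn::") is printed as it appears, not decoded.
dns_without_userpassword() {
    awk '
        function emit() {
            if (dn != "" && !has_pw) print dn
            dn = ""; has_pw = 0; in_dn = 0
        }
        /^$/ { emit(); next }                            # blank line ends an entry
        /^#/ { next }                                    # LDIF comment
        /^ / { if (in_dn) dn = dn substr($0, 2); next }  # folded continuation line
        { in_dn = 0 }
        /^dn:/ { dn = $0; sub(/^dn::? */, "", dn); in_dn = 1; next }
        tolower($0) ~ /^userpassword[;:]/ { has_pw = 1 } # plain or base64 value
        END { emit() }
    '
}

# Constructed sample in the shape of a slapcat dump (not real data).
sample_ldif() {
cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: alice
userPassword:: Y29uc3RydWN0ZWQ=

# bob was imported without a password
dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: bob

dn: uid=carol-with-a-long-name,ou=People,
 dc=example,dc=com
objectClass: posixAccount
uid: carol
EOF
}

sample_ldif | dns_without_userpassword
```

Against a live directory the input would be `slapcat | dns_without_userpassword`, run as root or the openldap user as described above. An empty result means every entry has the attribute and the ACL is what hides it from ldapsearch.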