Yesssssssss, it worked like a charm!!! Thank you very much!! Regards,
Hendrik van der Ploeg The Netherlands On Tue, 22 Mar 2011 12:39:18 +0200, Buchan Milne <[email protected]> wrote: > On Tuesday, 22 March 2011 12:12:53 Hendrik van der Ploeg wrote: >> ok thanks, >> >> But how can I set the user in a seperate database to have access to a >> different database? > >> > Use a separate local database with a suitable backend (e.g. hdb or >> > bdb). > > Any "local" DN can appear in access control statements for any other > database. > > Here is one example (allowing "local" users in > dc=ranger,dc=dnsalias,dc=com > access to cn=config) > > [bgmilne@tiger ~]$ ldapsearch -Q -LLL -b cn=config "(olcDatabase=config)" > olcAccess > dn: olcDatabase={0}config,cn=config > olcAccess: {0}to * by group="cn=LDAP Admins,ou=System > Groups,dc=ranger,dc=dnsa > lias,dc=com" ssf=112 write > olcAccess: {1}to * by * none > > [bgmilne@tiger ~]$ ldapwhoami -Q > dn:uid=bgmilne,ou=people,dc=ranger,dc=dnsalias,dc=com > [bgmilne@tiger ~]$ ldapcompare -Q 'cn=LDAP Admins,ou=System > Groups,dc=ranger,dc=dnsalias,dc=com' > member:uid=bgmilne,ou=people,dc=ranger,dc=dnsalias,dc=com > TRUE > > (BTW, please keep replies on-list, and while we're at it, try avoid > unnecessary top-posting) > > Regards, > Buchan -- Hendrik van der Ploeg Competa IT ( http://www.competa.com ) Verrijn Stuartlaan 20 2288 EL Rijswijk the Netherlands Phone: +31(0)704277555 Fax: +31(0)704277554
