The ypldap access should be before the one that limits more - the more restrictive one will match first.
If that account is intended as you main 'root'-ish account, it should probably be granted access to all right off the bat. Also: change your ldap password now. (I've done this; sent a password to the mailing list - dumb). - chris Chris Jacobs, Systems Administrator, Technology Services Group Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc. 2001 6th Ave | Ste 3200 | Seattle, WA 98121 phone: 206.839-8245 | cell: 206.601.3256 | Fax: 208.441.9661 email: [email protected] ----- Original Message ----- From: [email protected] <[email protected]> To: [email protected] <[email protected]> Sent: Mon Jul 04 11:19:45 2011 Subject: cannot access entries Hi list members, i am trying to configure accesses to my ldap server, but i am doing some wrong i am not aware about. The access list is below: access to dn.one="ou=appsrv,dc=ufv,dc=br" attrs=userpassword by self read by anonymous auth by * none access to dn.one="ou=appsrv,dc=ufv,dc=br" by self read by * none access to dn.one="ou=people,dc=ufv,dc=br" attrs=userpassword by self read by anonymous auth by * none access to dn.one="ou=people,dc=ufv,dc=br" by self read by dn.exact="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read by * none access to dn.one="ou=group,dc=ufv,dc=br" by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read by * none ======================================= The command i am executing and its output is below sioux@gustav$ ldapsearch -x -w ypldapA4esuopdV -D cn=ypldap,ou=appsrv,dc=ufv,dc=br -b ou=people,dc=ufv,dc=br -s one # extended LDIF # # LDAPv3 # base <ou=people,dc=ufv,dc=br> with scope oneLevel # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 32 No such object # numResponses: 1 sioux@gustav$ Why am i not getting a list of entries below ou=people,dc=ufv,dc=br ? Thanks in advance. This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
