Am Tue, 5 Jul 2011 19:33:05 -0300 schrieb Friedrich Locke <[email protected]>:
> So what should be the rules for monitor database? > I don't want my users looking up in my openldap server status. > May you provide rules for the monitor database? > > Thanks > > On Tue, Jul 5, 2011 at 6:03 PM, <[email protected]> wrote: > >> I have configured database monitor and setted two access rules in > >> its context. By the log messages below keep annoying me: > >> > >> /etc/openldap/slapd.conf: line 110: warning: cannot assess the > >> validity of the ACL scope within backend naming context > >> Backend ACL: access to dn.subtree="cn=monitor" > >> by dn.base="cn=oldap,dc=ufv,dc=br" read > >> by * none > >> > >> Backend ACL: access to * > >> by * none > > > > Remove this rule. It's pleonastic (never used) because, as the > > message says, it's outside the naming context. All data within the > > naming scope is intercepted by the previous rule. > > > > p. > > > >> /etc/openldap/slapd.conf: line 123: warning: cannot assess the > >> validity of the ACL scope within backend naming context > >> Backend ACL: access to * > >> by * none > >> > >> config_back_db_open: line 0: warning: cannot assess the validity of > >> the ACL scope within backend naming context > >> slapd starting > >> > >> > >> How may i "fix" that. (Altough i used the word "fix", i know it is > >> not a error message). Declare the access rules within the context of the monitor database. dn:olcDatabase=monitor,cn=config olcAccess: to dn.subtree=cn=monitor by users read -Dieter -- Dieter Klünter | Systemberatung sip: [email protected] http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
