Dear Marc Thanks for your update. We are able to fix the issue.
Geo *Thanks & Regards Geo P.C. www.geopc.co.cc* On Tue, May 14, 2013 at 9:13 PM, Marc Patermann < [email protected]> wrote: > Geo, > > Geo P.C. schrieb (14.05.2013 16:05 Uhr): > > > But with this no user can able to login. But we change olcAccess: {3}to >> dn.subtree="ou=People,dc=**prime,dc=ds,dc=geo,dc=com" by self write by * >> write , all users can login. >> >> But actually we need is only the user1 need only to login to gitlab >> application. And the users user2 and user3 need only to login to zabbix >> application >> >> Can anyone please help me to configure acl for this. Thanks in advance. >> > First: you should read "man slapd.access" carefully. > > Second: a) Try to understand what your application wants to do and > b) try to reproduce this with standard ldap tools like > ldapsearch. > > Point a) can be done be observing the slapd log for actions taken by your > application or read the documentation of your application. > What usually happens, is: > - App bind with binddn (does this work?) > - bind user searches for a given uid under basedn (does this work?) > => reproduce with ldapsearch -D -w -x -b ... > - If user is found by the search, App will bind as user with found dn. > (does this work?) > => reproduce with ldapsearch -D -w -x ... > > After you know what really does happen, set the ACLs accordingly. > Test again. > > > Marc >
