Hi all, I'm trying to restore/move a database from one machine to another and start making sure that my client uses all the correct .ldif files. Now, I've always done a slapcat to an ldif file and used sed in place to modify/remove all the extraneous entries from the dump so I can reload. Strangely, this doesn't look like it's working this time around. I get the "Insufficient access (50) additional info: no write access to parent" Seems obvious that I don't have some type of access at the beginning of the load near the base of the tree. (After I get this, I'm inundated with ldap_add: No such object (32) since it wasn't able to write things into a non-existent structure further down)
I see a potential problem in that the tree was originally defined as dc=example,dc=com and, now, everything lives in: dc=hq,dc=example,dc=com . Is that the problem? If so, what's the easiest way around it? Ldap.conf has: BASE dc=example,dc=com Slapd.conf has: access to attrs=userPassword by self write by anonymous auth by dn="uid=syncuser,dc=hq,dc=example,dc=com" read by * compare access to attrs=sambaLMPassword,sambaNTPassword by dn="uid=syncuser,dc=hq,dc=example,dc=com" read by * none access to * by self write by * read access to dn.subtree="dc=hq,dc=example,dc=com" by self write by set="[cn=itlevel1,ou=Groups,dc=hq,dc=example,dc=com]/member* & user" write by set="[cn=ntadmins,ou=Groups,dc=hq,dc=example,dc=com]/member* & user" write by * break authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth" "cn=root,dc=hq,dc=example,dc=com" database mdb suffix "dc=hq,dc=example,dc=com"rootdn "cn=root,dc=hq,dc=example,dc=com" Thank you all! P.
