>>> Quanah Gibson-Mount <[email protected]> schrieb am 22.02.2022 um 17:49 in Nachricht <6D8946CEFE1406A76522A36F@[192.168.1.12]>:
> > --On Tuesday, February 22, 2022 12:44 PM +0100 Ulrich Windl > <[email protected]> wrote: > >>>>> Quanah Gibson-Mount <[email protected]> schrieb am 18.02.2022 um >>>>> 22:37 >> in >> Nachricht <8A1ED4C1E941394D45838C24@[192.168.1.12]>: >> >>> >>> ‑‑On Friday, February 18, 2022 9:03 AM +0100 Ulrich Windl >>> <[email protected]‑regensburg.de> wrote: >>> >>>> But I should be able to query it, right? If so what is the correct >>>> filter expression? >>> >>> >>> Yes, if you query the right place. I.e., cn=subschema: >>> >>> ldapsearch ... ‑s base ‑b "cn=subschema" + >> >> When I try that I get "No such object", and when I try > > Then you used a bind identity that doesn't have access to cn=subschema. > Generally it is advised that cn=subschema should be readable by anyone. I have this in "dn: olcDatabase={-1}frontend,cn=config": olcAccess: {0}to dn.exact="" by * read olcAccess: {1}to dn.base="cn=Subschema" by * read Shouldn't that do? > > --Quanah
