version: 1
dn: uid=admin2,ou=systemobjectclass: organizationalPersonobjectclass:
personobjectclass: inetOrgPersonobjectclass: topcn: admin2sn:
admin2mail: admin@umem.orguid: admin2userPassword:: REMOVED for
e-mailadministrativeRole: accessControlSpecificAreacreateTimestamp:
20111104121155ZcreatorsName:
0.9.2342.19200300.100.1.1=admin,2.5.4.11=systementryCSN:
20111104121347.312000Z#000000#000#000000entryParentId: 1entryUUID::
REMOVED for e-mailmodifiersName:
0.9.2342.19200300.100.1.1=admin,2.5.4.11=systemmodifyTimestamp:
20111104121347ZpwdHistory:: REMOVED for e-mail
On Fri, Nov 4, 2011 at 9:01 AM, Emmanuel Lecharny <elecha...@gmail.com> wrote:
> On 11/4/11 1:23 PM, Kevin Hamilton wrote:
>>
>> Hey Oliver,
>>
>> Thanks so much for your response. I followed your instructions and
>> still had trouble.
>>
>> I checked the source of the prescriptive ACI in my new entry. The
>> source is below.
>>
>> {
>> identificationTag "admin2Tag",
>> precedence 0,
>> authenticationLevel simple,
>> itemOrUserFirst userFirst:
>> {
>> userClasses
>> {
>> name { "uid=admin2,ou=system" }
>> }
>> ,
>> userPermissions
>> {
>> {
>> protectedItems { allUserAttributeTypesAndValues, entry },
>> grantsAndDenials
>> {
>> grantBrowse,
>> grantCompare,
>> grantRename,
>> grantExport,
>> grantRead,
>> grantModify,
>> grantDiscloseOnError,
>> grantFilterMatch,
>> grantImport,
>> grantAdd,
>> grantInvoke,
>> grantRemove,
>> grantReturnDN
>> }
>> }
>> }
>> }
>> }
>>
>>
>> When I try to add this, I get a constraint violation that says ERR_277
>> Attribute userPassword not declared in objectClasses of entry
>> cn=admin2Test,uid=admin2,ou=system
>
> Can you provide the LDIF for this entry ?
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>
--
Thanks,
Kevin
