version: 1 dn: uid=admin2,ou=systemobjectclass: organizationalPersonobjectclass: personobjectclass: inetOrgPersonobjectclass: topcn: admin2sn: admin2mail: admin@umem.orguid: admin2userPassword:: REMOVED for e-mailadministrativeRole: accessControlSpecificAreacreateTimestamp: 20111104121155ZcreatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=systementryCSN: 20111104121347.312000Z#000000#000#000000entryParentId: 1entryUUID:: REMOVED for e-mailmodifiersName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=systemmodifyTimestamp: 20111104121347ZpwdHistory:: REMOVED for e-mail
On Fri, Nov 4, 2011 at 9:01 AM, Emmanuel Lecharny <elecha...@gmail.com> wrote: > On 11/4/11 1:23 PM, Kevin Hamilton wrote: >> >> Hey Oliver, >> >> Thanks so much for your response. I followed your instructions and >> still had trouble. >> >> I checked the source of the prescriptive ACI in my new entry. The >> source is below. >> >> { >> identificationTag "admin2Tag", >> precedence 0, >> authenticationLevel simple, >> itemOrUserFirst userFirst: >> { >> userClasses >> { >> name { "uid=admin2,ou=system" } >> } >> , >> userPermissions >> { >> { >> protectedItems { allUserAttributeTypesAndValues, entry }, >> grantsAndDenials >> { >> grantBrowse, >> grantCompare, >> grantRename, >> grantExport, >> grantRead, >> grantModify, >> grantDiscloseOnError, >> grantFilterMatch, >> grantImport, >> grantAdd, >> grantInvoke, >> grantRemove, >> grantReturnDN >> } >> } >> } >> } >> } >> >> >> When I try to add this, I get a constraint violation that says ERR_277 >> Attribute userPassword not declared in objectClasses of entry >> cn=admin2Test,uid=admin2,ou=system > > Can you provide the LDIF for this entry ? > > > -- > Regards, > Cordialement, > Emmanuel Lécharny > www.iktek.com > > -- Thanks, Kevin