I tried to allow search for all users as described in
http://directory.apache.org/apacheds/1.5/enablesearchforallusers.html:
$ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif
Enter LDAP Password:
adding new entry "cn=enableSearchForAllUsers,dc=home"
ldap_add: Invalid syntax (21)
additional info: INVALID_ATTRIBUTE_SYNTAX: failed for Add
Request :
ClientEntry
dn: cn=enableSearchForAllUsers,dc=home
objectClass: top
objectClass: subentry
objectClass: accessControlSubentry
cn: enableSearchForAllUsers
prescriptiveACI: { identificationTag \"enableSearchForAllUsers\",
precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: {
userClasses { allUsers }, userPermissions { { protectedItems {entry,
allUserAttributeTypesAndValues}, grantsAndDenials { grantRead,
grantReturnDN, grantBrowse } } } } }
subtreeSpecification: {}
: Attribute value '{ identificationTag \"enableSearchForAllUsers\",
precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: {
userClasses { allUsers }, userPermissions { { protectedItems {entry,
allUserAttributeTypesAndValues}, grantsAndDenials { grantRead,
grantReturnDN, grantBrowse } } } } }' for attribute 'prescriptiveACI' is
syntactically incorrect
What is wrong?
--
Regards,
Eugene Prokopiev
