Full_Name: Ali Pouya Version: 2.2.4alpha OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (145.242.3.30)
If I include the monitor back-end in my configuration I have to add the following access rule as well :
access to dn.sub="cn=monitor" by * read
Otherwise slapd stops with the log reproduced below (my access rules include "access to * by * none").
I can send more information if required. Thanks and best regards Ali
============================================= Log extract :
dnPretty: <c=fr>
=> ldap_bv2dn(c=fr,0) <= ldap_bv2dn(c=fr)=0 => ldap_dn2bv(272) <= ldap_dn2bv(c=fr)=0 <<< dnPretty: <c=fr>
dnNormalize: <c=fr>
=> ldap_bv2dn(c=fr,0) <= ldap_bv2dn(c=fr)=0 => ldap_dn2bv(272) <= ldap_dn2bv(c=fr)=0 <<< dnNormalize: <c=fr> end get_filter 0 => monitor_back_search => access_allowed: search access to "cn=Databases,cn=Monitor" "entry" requested => acl_get: [2] attr entry => acl_mask: access to entry "cn=Databases,cn=Monitor", attr "entry" requested => acl_mask: to all values by "", (=0) <= check a_dn_pat: cn=admin,ou=internal,ou=min,o=gouv,c=fr <= check a_dn_pat: cn=connecteur,ou=internal,ou=min,o=gouv,c=fr <= check a_dn_pat: cn=sync,ou=internal,ou=min,o=gouv,c=fr <= check a_dn_pat: ou=applications,ou=external,ou=min,o=gouv,c=fr <= check a_dn_pat: * <= acl_mask: [5] applying none(=0) (stop) <= acl_mask: [5] mask: none(=0) => slap_access_allowed: search access denied by none(=0) => access_allowed: no more rules send_ldap_result: conn=-1 op=0 p=0 send_ldap_result: err=32 matched="" text="" monitor_back_register_entry_attrs(""): base="cn=databases,cn=monitor" scope=one filter="(namingContexts:distinguishedNameMatch:=c=fr)": unable to find entry
====> bdb_cache_release_all backend_startup_one: bi_db_open failed! (-1) slapd shutdown: initiated ====> bdb_cache_release_all bdb_db_close: alock_close failed slapd destroy: freeing system resources. slapd stopped. connections_destroy: nothing to destroy.
-
ali.pouyaï¼ free.fr