Hello list,
I am a sysadmin with limited experience with LDAP, and I am having a little issue with ACLs on an OpenLDAP server. The server has been running for more than a year as an auth. backend for Plone. However, recently I wanted to use the same user name/password information for other purposes, and then I ran into a problem:
I cannot bind to the server as a non-root DN.
More concrete example:
    # ldapsearch -D "cn=my_own_user_id,dc=example,dc=be" -x "(&(cn=editors)(uniqueMember=cn=someuser,dc=example,dc=be))" -W
    Enter LDAP Password:
    ldap_bind: Invalid credentials (49)
I'll paste the ACLs from my slapd.conf file:
    access to attrs=userPassword
            by dn="cn=admin,dc=example,dc=be" write
            by anonymous auth
            by self write
            #by * none

    #access to dn.base="" by * read

    access to *
            by dn="cn=admin,dc=example,dc=be" write
            by dn="cn=admin,dc=example,dc=be" read
            by * read
I would think that normally, "by anonymous auth" would allow any user (inetOrgPerson) to bind to the server? Can anyone help?
Thanks in advance.