OpenLDAP test000-rootdse searches cn=Subschema as an anonymous user. Maybe
you could start there as your example?
I really doubt that anything "happens automatically"; that's not in the
protocol. If you turn on stats/stats2 debug level, you'll likely see that
your rootDN-configured client is executing some flavor of search. If
you're suspecting acl, you can turn on acl debug level.
On Tue, 17 Jul 2007, Ron Parker wrote:
I don't know what I mean. I've searched the Internet for
"access to schema"
and can't seem to find an answer that works for what I'm trying to do.
What I want to do is, when a user logs in, to allow the ldap client to read
the schema for the server. This happens automatically when the rootdn logs
in, but apparently I have to explicity create access control for a user's
client to read the schema.
From the examples I've been able to locate and understand, I've tried the
following:
access to dn="cn=subschema" by * read
access to dn.base="cn=Subschema" by * read
access to dn.subtree="cn=Subschema" by * read
but none appear to work. Apparently, I need another example of exactly what
I'm trying to do, which I don't seem able to locate.
Thanks!
-ron
Aaron Richton wrote:
> Is this what you mean, or do you mean cn=Subschema? (And note that that's
> not under "dc=example,dc=com." Search the list archive for examples.)
>
> On Tue, 17 Jul 2007, Ron Parker wrote:
>
>> Now that I can log in as a user: How do I give a user access to schema?
>> This is what I'm trying now (but not working):
>>
>> access to dn.subtree="cn=schema,dc=example,dc=com"
>> by dn="cn=Ron,ou=Zimbra,dc=example,dc=com" read
>>
>> What am I missing? Thanks!
>>
>> -ron
>>
>> --
>> Ron Parker
>> Software Creations
http://www.scbbs.com
>> Self-Administration Web Site
http://saw.scbbs.com
>> SDSS Subscription Mgmt Service
http://sdss.scbbs.com
>> Central Ave Dance Ensemble
http://www.centralavedance.com
>> R & B Salsa
http://www.randbsalsa.com
>>
>>
>
> __________ NOD32 2403 (20070717) Information __________
>
> This message was checked by NOD32 antivirus system.
>
http://www.eset.com
>
>
>
--
Ron Parker
Software Creations
http://www.scbbs.com
Self-Administration Web Site
http://saw.scbbs.com
SDSS Subscription Mgmt Service
http://sdss.scbbs.com
Central Ave Dance Ensemble
http://www.centralavedance.com
R & B Salsa
http://www.randbsalsa.com