OpenLDAP test000-rootdse searches cn=Subschema as an anonymous user. Maybe you could start there as your example?
I really doubt that anything "happens automatically"; that's not in the protocol. If you turn on stats/stats2 debug level, you'll likely see that your rootDN-configured client is executing some flavor of search. If you're suspecting acl, you can turn on acl debug level.
On Tue, 17 Jul 2007, Ron Parker wrote:
I don't know what I mean. I've searched the Internet for "access to schema" and can't seem to find an answer that works for what I'm trying to do.
What I want to do is, when a user logs in, to allow the ldap client to read the schema for the server. This happens automatically when the rootdn logs in, but apparently I have to explicity create access control for a user's client to read the schema.
From the examples I've been able to locate and understand, I've tried the following:
access to dn="cn=subschema" by * read access to dn.base="cn=Subschema" by * read access to dn.subtree="cn=Subschema" by * read
but none appear to work. Apparently, I need another example of exactly what I'm trying to do, which I don't seem able to locate.
Thanks!
-ron
Aaron Richton wrote:
Is this what you mean, or do you mean cn=Subschema? (And note that that's not under "dc=example,dc=com." Search the list archive for examples.)
On Tue, 17 Jul 2007, Ron Parker wrote:
Now that I can log in as a user: How do I give a user access to schema? This is what I'm trying now (but not working):
access to dn.subtree="cn=schema,dc=example,dc=com" by dn="cn=Ron,ou=Zimbra,dc=example,dc=com" read
What am I missing? Thanks!
-ron
-- Ron Parker Software Creations http://www.scbbs.com Self-Administration Web Site http://saw.scbbs.com SDSS Subscription Mgmt Service http://sdss.scbbs.com Central Ave Dance Ensemble http://www.centralavedance.com R & B Salsa http://www.randbsalsa.com
__________ NOD32 2403 (20070717) Information __________
This message was checked by NOD32 antivirus system. http://www.eset.com
-- Ron Parker Software Creations http://www.scbbs.com Self-Administration Web Site http://saw.scbbs.com SDSS Subscription Mgmt Service http://sdss.scbbs.com Central Ave Dance Ensemble http://www.centralavedance.com R & B Salsa http://www.randbsalsa.com