no write access to parent

11 Feb 2009


      Hi.
There is acl in slapd.conf:
access to dn.one="ou=personal,ou=groups,o=vega"
        by group/groupOfUniqueNames/uniqueMember="cn=users-admins,ou=groups,o=vega" write
        by group/groupOfUniqueNames/uniqueMember="cn=tree-admins,ou=groups,o=vega" write
        by users read
And when  any  of  the  members of "cn=users-admins,ou=groups,o=vega"
tries to add a new object, he's got an error:
 no write access to parent
But he can modify exiting object without errors.
If I change dn.one to dn.sub, there is no errors at all.
Could anybody explain, what modification needs to parent object?
Our system:
$ uname -rs; pkg_info -Ix openldap-serv
FreeBSD 7.1-amd64-20090114-RELENG_7_1
openldap-server-2.4.13 Open source LDAP server implementation
-- 
Irina Shetukhina

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

no write access to parent