Am Tue, 01 Apr 2014 11:04:15 +0200 schrieb Jonas Kellens jonas.kellens@telenet.be:
On 01-04-14 10:53, Terje Trane wrote:
On 01.04.2014 09:58, Jonas Kellens wrote:
even if I add at the beginning of slapd.conf the following :
access to * by *
I still get no results with the user 'cn=U101001,ou=101001,dc=mydomain'
I only get result with 'cn=Manager,dc=mydomain'
Remember that ACLs are "first match used".
If a database does not have an ACL the global ACL applies.
But if it has a database specific ACL, that one is read first when accessing that particular database, and the global then *only* used if there is no match (or a control keyword like break or continue is specified)
I posted it before, but will post it again. This is the database specific ACL :
database bdb suffix "dc=mydomain" rootdn "cn=Manager,dc=mydomain" rootpw {SSHA}blCAG/CNdFPY597Cf4Ssuj
run slapd in debugging mode and debug level acl
-Dieter