Thanks guys!
Now when I start slapd, I do not understand the output:
-------------------------------------------------------
@(#) $OpenLDAP: slapd 2.4.22 (Jun 9 2010 08:15:30) $
        steve@v480:/bigdisk/SOURCES/S10/openldap-2.4.22/servers/slapd
Backend ACL: access to * by self write by users read by anonymous auth
Backend ACL: access to * by * none
config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context
bdb_db_open: warning - no DB_CONFIG file found in directory /shibidp/LDAP/var/data: (2).
Expect poor performance for suffix "dc=ldap,dc=mimas,dc=ac,dc=uk".
bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
slapd starting
Jonathan Clarke wrote:
On Mon, 12 Jul 2010 14:13:27 +0100, Nicholas Syrotiuk syrotiuk@manchester.ac.uk wrote:
Dear OpenLDAP users,
We have downloaded OpenLDAP 2.4.22 from Sunfreeware.com and installed it. We have successfully imported the LDAP data from another server. We are using the *simple* authentication method.
I can authenticate as rootdn but not as a user. Is there something wrong with my access control list:
access to * by self write by users read by anonymous none
I have tried running slapd with debugging switched on but could not diagnose the problem.
Any ideas on how to troubleshoot this?
Troubleshooting ACLs is greatly made easier by using "loglevel acl" in slapd.conf or "-d acl" on the command line.
In this case, you need to allow anonymous users auth privileges so that they can authenticate. See http://www.openldap.org/doc/admin24/access-control.html#The%20access%20to%20... for details.
Regards, Jonathan
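
The point made in the reply above (a simple bind is evaluated while the connection is still anonymous, so the "anonymous" clause must grant at least "auth"), as an added example that is not part of the original thread or of OpenLDAP's code. It is a simplified Python model of slapd's first-match "by" evaluation that handles only "access to *" and the who-terms seen in this thread; the DN is a constructed sample value.

```python
# Added illustration: simplified model of how slapd evaluates <by> clauses.
# OpenLDAP access levels, lowest to highest; each level implies the ones below.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

# The two ACLs from the thread: as first posted, and as shown in the slapd output.
ORIGINAL_ACL = "access to * by self write by users read by anonymous none"
FIXED_ACL = "access to * by self write by users read by anonymous auth"

def parse_by_clauses(acl):
    """Return [(who, level), ...] for an 'access to * by ...' directive."""
    what, sep, rest = acl.partition(" by ")
    if what.strip() != "access to *" or not sep:
        raise ValueError("this sketch only handles 'access to * by ...'")
    clauses = []
    for clause in rest.split(" by "):
        who, level = clause.split()
        if who not in ("*", "self", "users", "anonymous") or level not in LEVELS:
            raise ValueError("unsupported clause: " + clause)
        clauses.append((who, level))
    return clauses

def matches(who, bound_dn, target_dn):
    """bound_dn is None for a connection that has not authenticated yet."""
    if who == "*":
        return True
    if who == "anonymous":
        return bound_dn is None
    if who == "users":
        return bound_dn is not None
    return bound_dn is not None and bound_dn == target_dn  # "self"

def granted(acl, bound_dn, target_dn):
    """First matching <by> clause wins; no match means the implicit 'by * none'."""
    for who, level in parse_by_clauses(acl):
        if matches(who, bound_dn, target_dn):
            return level
    return "none"

def can_simple_bind(acl, target_dn):
    """A bind is checked as anonymous and needs at least 'auth' on the entry."""
    return LEVELS.index(granted(acl, None, target_dn)) >= LEVELS.index("auth")

if __name__ == "__main__":
    user = "uid=alice,dc=example,dc=com"  # constructed sample DN
    for acl in (ORIGINAL_ACL, FIXED_ACL):
        print(acl, "-> user bind allowed:", can_simple_bind(acl, user))
```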