Jacques Foucry wrote:
Le 30/05/2013 16:50, Dan White a écrit : Hello Dan,
Does ldapsearch work using the same credentials?
Definitely no.
It work with the rootdn:
ldapsearch -x -D cn=admin,dc=example,dc=com -W
but it did not work with a user. Sound like an acl issue.
Here is my ACL
access to attrs=userPassword by self write by dn="cn=syncuser,dc=example,dc=com" read by anonymous auth by * none
access to attrs=userPassword by self write by anonymous auth by * none
Do you really have two clauses for 'userPassword'? Why?
You can find some ACL recipes in the FAQ: http://www.openldap.org/faq/data/cache/189.html
Also see man page slapd.access(5): http://www.openldap.org/software/man.cgi?query=slapd.access
I'd just go for:
access to attrs=userPassword by self write by dn="cn=syncuser,dc=example,dc=com" read by * auth
Ciao, Michael.