For the life of me I can not figure out the syntax for performing this. Here is my snippet of config.ldif:

dn: olcDatabase={1}hdb,cn=config

objectClass: olcDatabaseConfig

objectClass: olcHdbConfig

olcDatabase: {1}hdb

olcSuffix: dc=sakai,dc=uri,dc=edu

olcAccess: {0}to * by peername.ip="131.128.1.0%255.255.255.0" +0 break by

peername.ip="131.128.122.0%255.255.255.0" +0 break by peername.ip="158.123

.255.8%255.255.255.248" +0 break by peername.ip="127.0.0.1" +0 break

olcAccess: {1}to * by dn.regex="^URIEduauthid=.+,dc=sakai,dc=uri,dc=edu$$"

read by * auth

olcAddContentAcl: FALSE

olcLastMod: TRUE

olcMaxDerefDepth: 15

olcReadOnly: FALSE

olcRootDN: cn=Manager,dc=sakai,dc=uri,dc=edu

.....

I need to remove the olcAccess {0} as we need to access this server from new ips. We are using a firewall to protect the server going forward.

I have created the file removeips containing:

dn: olcDatabase={1}hdb,cn=config

changetype: modify

delete: olcAccess

olcAccess: {1}

Running the command

ldapmodify -W -x -h antons.uri.edu -D "cn=admin,cn=config" -f /root/ldapscripts/removeips

gives me:

modifying entry "olcDatabase={1}hdb,cn=config"

ldap_modify: No such attribute (16)

additional info: modify/delete: olcAccess: no such attribute

What am I doing wrong?

Thanks,

Kathy

Katherine Faella tel: (401) 874-4469

Senior Technical Programmer kmf@uri.edu

University of Rhode Island
University Computing Systems(UCS)

210 Flagg Road

Kingston, Rhode Island