On Tue, 2014-04-01 at 09:58 +0200, Jonas Kellens wrote:
On 31-03-14 12:52, Hallvard Breien Furuseth wrote:
(...) Append something like this to access list:
access to * by * search
even if I add at the beginning of slapd.conf the following :
access to * by *
I still get no results with the user 'cn=U101001,ou=101001,dc=mydomain'
Quite. access controls at the beginning of slapd.conf
become the global access list, which are overridden by
the database's access list. The latter ends with a default
'access to * by * none'.
Also you didn't say what kind of access - read, write,
search or whatever. The default is '+0', i.e. no change.
This is all as described in man slapd.access.
*Append* access to * by * search (or something like it)
to the database's access list. That means, after the
other access statements. Then it'll apply to the entries
not described by those statements. My guess is your
previous attempt put it in front, thus hiding most
access controls.