Hi I send it along with commands and results
ldapsearch -x -b "cn=ldap_admins,ou=Groups,dc=domain,dc=com" -H ldapi:///
# ldap_admins, Groups, domain.comhttp://domain.com dn: cn=ldap_admins,ou=Groups,dc=domain,dc=com objectClass: groupOfNames cn: ldap_admins member: uid=test,ou=Users,dc=domain,dc=com
ldapsearch -x -b "cn=test,ou=Users,dc=domain,dc=com" -H ldapi:///
# test, Users, domain.comhttp://domain.com dn: cn=test,ou=Users,dc=domain,dc=com objectClass: posixAccount objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person homeDirectory: /home/test loginShell: /bin/bash uid: test cn: test uidNumber: 10000 gidNumber: 10000 sn: test
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config 'olcDatabase={1}mdb'
olcAccess: {0}to attrs=userPassword by self write by group.exact="cn=ldap_admins,ou=Groups,dc=domain,dc=com" write by anonymous auth by * none olcAccess: {1}to * by self write by group.exact="cn=ldap_admins,ou=Groups,dc=domain,dc=com" write by * read
12 авг. 2020 г., в 19:35, Quanah Gibson-Mount <quanah@symas.commailto:quanah@symas.com> написал(а):
--On Wednesday, August 12, 2020 5:24 PM +0000 Клеусов Владимир Сергеевич <Kleusov.Vladimir@wildberries.rumailto:Kleusov.Vladimir@wildberries.ru> wrote:
Sorry Please explain the group in the picture in the previous email cn ldap_admins
member uid=test,ou=Users,dc=domain,dc=com
Hi,
Don't send images of textual data. Additionally your graphic doesn't show the DN of the group, so there's no way to map it to the ACLs you provided.
Provide actual text data of the entries in question (the group and the user) in addition to the current ACLs.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com