-----Original Message-----
From: Howard Chu [mailto:hyc@symas.com]
Sent: Thursday, September 13, 2012 3:51 AM
To: Aaron Bennett
Cc: openldap-technical@openldap.org
Subject: Re: insert an olcAccess line in cn=config?

Read draft-chu-ldap-xordered-xx.txt
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=tree;f=doc/drafts;...
Thanks, Howard. That's good stuff.
I decided to take Apache Directory Studio out of the picture...

dn: olcDatabase={1}bdb,cn=config
add:
olcAccess: {9}to uid by dn.subtree="ou=MyOU,ou=AnotherOU,dc=foo,dc=org" write by dn.base="cn=role, ou=AnotherOU,dc=foo,dc=org " write by dn.base="cn=anotherrole, ou=AnotherOU,dc=foo,dc=org " read by peername.ip="192.168.0.0%255.255.0.0" read by peername.ip="10.0.0.0%255.0.0.0" read by peername.ip="127.0.0.1" read by users read by self read by * none

What I get when I try to ldapadd it is:

$ ldapadd -v -H ldaps://testanimal.clarku.edu -x -D "cn=config" -W -f ldif.ldif
ldap_initialize( ldaps://testanimal.clarku.edu:636/??base )
add add:
add olcAccess:
	{9}to uid by dn.subtree="ou=MyOU,ou=AnotherOU,dc=foo,dc=org" write by dn.base="cn=role, ou=AnotherOU,dc=foo,dc=org " write by dn.base="cn=anotherrole, ou=AnotherOU,dc=foo,dc=org " read by peername.ip="192.168.0.0%255.255.0.0" read by peername.ip="10.0.0.0%255.0.0.0" read by peername.ip="127.0.0.1" read by users read by self read by * none
adding new entry "olcDatabase={1}bdb,cn=config"
ldap_add: Undefined attribute type (17)
	additional info: add: attribute type undefined

I know I'm missing something simple... thanks for your time.
-Aaron
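
An added example, not part of the original thread: the change record for the failure shown above, written as an LDIF modify operation. The DN and the rule are taken from the post; writing the target as `attrs=uid` and dropping the stray spaces inside the quoted DNs are assumptions about what the posted rule stands for.

```ldif
# Added example, not from the thread.
# Without "changetype: modify", the record is treated as a new entry
# and the "add" line is read as an attribute type named "add", which
# is what "Undefined attribute type (17)" reports.
dn: olcDatabase={1}bdb,cn=config
changetype: modify
# "add:" names the attribute that the following value lines belong to.
add: olcAccess
# olcAccess is an ordered (X-ORDERED 'VALUES') attribute: the {9} prefix
# asks slapd to insert the value at index 9 and renumber the values
# that follow it.
# Folded lines start with one space; the second space is part of the value.
# Assumption: "to attrs=uid" stands in for the "to uid" shown in the post.
olcAccess: {9}to attrs=uid
  by dn.subtree="ou=MyOU,ou=AnotherOU,dc=foo,dc=org" write
  by dn.base="cn=role,ou=AnotherOU,dc=foo,dc=org" write
  by dn.base="cn=anotherrole,ou=AnotherOU,dc=foo,dc=org" read
  by peername.ip="192.168.0.0%255.255.0.0" read
  by peername.ip="10.0.0.0%255.0.0.0" read
  by peername.ip="127.0.0.1" read
  by users read
  by self read
  by * none
```

ldapadd behaves as `ldapmodify -a`, so a record with no changetype line is sent as an add of a whole entry; with the changetype line present, either tool sends a modify. Reading the `olcAccess` values back from `olcDatabase={1}bdb,cn=config` afterwards confirms the position the new rule landed in, which matters because ACLs are evaluated in order.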