Re: access control with pbind overlay

Ferenc Wagner <wferi(a)niif.hu&gt; writes: > I've got a partial syncrepl replica, which (among others) misses the > userPassword attributes of the provider database. I added a pbind > overlay to the replica, which forwards binds to the provider, thus > it became possible to do simple binds against the replica. But > access control on the replica does not honor these binds properly: > "by users" works, but "by self" does not. Before I waste too much > time debugging: is it supposed to work at all? I tested this under > 2.4.31 with: > > dn: olcDatabase={1}mdb,cn=config > olcAccess: to * by > dn.exact=gidNumber=119+uidNumber=116,cn=peercred,cn=external,cn=auth > read by self read by * none olcSyncrepl: rid=1 [...] > > The external auth part works, and if I replace self with users, that > works as well (but is not what I want). Do I expect too much? Hi, Would anybody please provide some guidance on this problem?