On 31-03-14 12:52, Hallvard Breien Furuseth wrote:
On Mon, 2014-03-31 at 10:43 +0200, Jonas Kellens wrote:
Well actually, this is the entire ACL :
(...)
defaultaccess   none
The defaultaccess keyword disappeared in OpenLDAP 2.1, and 2.4 won't
start with it.  Unless you're using a hacked version of OpenLDAP.
Anyway, that's the default in RE24 for a database which has other
access statements.  And searching also needs "search" access to
search-related items, like the baseDN.  See man slapd.access.

So you get what you're specifying: No access to baseDN of your
search.  Append something like this to access list:

access to * by * search


Hello,

made the change and added the extra line to /etc/openldap/slapd.conf

remove the line with  "defaultaccess   none" !

The output has changed from "32 No Such Object" to "result: 0 Success". Which is a step forward, but still no results.

When I query with cn=Manager, then  the results are shown :

[root@slap01 ]# ldapsearch -x -D 'cn=Manager,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# tbook1, contacten, 101001, mydomain
dn: ou=tbook1,ou=contacten,ou=101001,dc=mydomain
ou: tbook1
objectClass: organizationalUnit
objectClass: top

<snip results>

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4



But when I query with the user cn=U101001, then there are no results :

[root@slap01 ]# ldapsearch -x -D 'cn=U101001,ou=101001,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1



Can you help me further ?


Thanks,
Jonas.