--On Sunday, April 12, 2015 11:56 PM +0800 feora studyfordo@163.com wrote:
I found log in ldap.log file
Apr 12 14:20:54 abc slapd[3136]: => access_allowed: auth access to "uid=bobliu,ou=it,dc=abc,dc=com" "userPassword" requested Apr 12 14:20:54 abc slapd[3136]: => slap_access_allowed: backend default auth access granted to "(anonymous)" Apr 12 14:20:54 abc slapd[3136]: => access_allowed: auth access granted by read(=rscxd) Apr 12 14:20:54 abc slapd[3136]: => access_allowed: backend default write access denied to "uid=bobliu,ou=it,dc=abc,dc=com"
why access granted to anoymous not bobliu.
anonymous is granted AUTH access (for bind) The USER is granted READ Access The USER is DENIED write access
So you have an ACL that blocks WRITE access to the attribute for the USER.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration