Quanah Gibson-Mount quanah@fast-mail.org schrieb am 22.02.2022 um 17:49
in Nachricht <6D8946CEFE1406A76522A36F@[192.168.1.12]>:
--On Tuesday, February 22, 2022 12:44 PM +0100 Ulrich Windl Ulrich.Windl@rz.uni-regensburg.de wrote:
Quanah Gibson-Mount quanah@fast-mail.org schrieb am 18.02.2022 um 22:37
in Nachricht <8A1ED4C1E941394D45838C24@[192.168.1.12]>:
‑‑On Friday, February 18, 2022 9:03 AM +0100 Ulrich Windl <Ulrich.Windl@rz.uni‑regensburg.de> wrote:
But I should be able to query it, right? If so what is the correct filter expression?
Yes, if you query the right place. I.e., cn=subschema:
ldapsearch ... ‑s base ‑b "cn=subschema" +
When I try that I get "No such object", and when I try
Then you used a bind identity that doesn't have access to cn=subschema. Generally it is advised that cn=subschema should be readable by anyone.
I have this in "dn: olcDatabase={-1}frontend,cn=config": olcAccess: {0}to dn.exact="" by * read olcAccess: {1}to dn.base="cn=Subschema" by * read
Shouldn't that do?
--Quanah