Re: A very simple olcAccess rule doesn't work

--On Monday, December 27, 2021 9:16 AM +0000 Volodymyr Melnyk v.melnyk@tucha.ua wrote:

And why does this rule has `by * none`? Doesn't it contradict the OpenLDAP documentation? "The default access control policy is allow read by all clients" (https://www.openldap.org/doc/admin24/access-control.html).

You missed section 8.2.4. Access Control Evaluation, which specifically elaborates on this:

"If there are no access directives applicable to a backend, then a default read is used."

You clearly have access rules defined, so none of the above applies.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com