Re: ACL contextCSN

--On Wednesday, October 24, 2018 5:17 PM +0200 Lirien Maxime maxime.lirien@gmail.com wrote:

# 2) userPassword accessible by all access to * attrs=userPassword     by dn.exact="cn=Synchro,ou=Comptes Admin,dc=fr" read     by users auth     by anonymous auth     by * none

This should be just access to attrs=userPassword, no need for the *.

Similar comment for some of your other ACLs using the same format.

I would generaly advise enabling "acl" level logging to see how things are being processed so you can determine what additional access is needed or which rule(s) are blocking access.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com