Am Tue, 5 Jul 2011 19:33:05 -0300 schrieb Friedrich Locke friedrich.locke@gmail.com:
So what should be the rules for monitor database? I don't want my users looking up in my openldap server status. May you provide rules for the monitor database?
Thanks
On Tue, Jul 5, 2011 at 6:03 PM, masarati@aero.polimi.it wrote:
I have configured database monitor and setted two access rules in its context. By the log messages below keep annoying me:
/etc/openldap/slapd.conf: line 110: warning: cannot assess the validity of the ACL scope within backend naming context Backend ACL: access to dn.subtree="cn=monitor" by dn.base="cn=oldap,dc=ufv,dc=br" read by * none
Backend ACL: access to * by * none
Remove this rule. It's pleonastic (never used) because, as the message says, it's outside the naming context. All data within the naming scope is intercepted by the previous rule.
p.
/etc/openldap/slapd.conf: line 123: warning: cannot assess the validity of the ACL scope within backend naming context Backend ACL: access to * by * none
config_back_db_open: line 0: warning: cannot assess the validity of the ACL scope within backend naming context slapd starting
How may i "fix" that. (Altough i used the word "fix", i know it is not a error message).
Declare the access rules within the context of the monitor database.
dn:olcDatabase=monitor,cn=config olcAccess: to dn.subtree=cn=monitor by users read
-Dieter