Hello all,
An example user in my LDAP structure is like:
dn: cn=Full Name,ou=Users,dc=mydomain,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: person
objectClass: organizationalPerson
objectClass: top
givenName: Full
sn: Name
cn: Full Name
uid: fname
userPassword: {MD5}HNtFsPRLE3okNNjVm6lmpw==
uidNumber: 1004
gidNumber: 100
homeDirectory: /home/fname
loginShell: /bin/bash
mail: fname@mydomain.com
This user is in the IT group, and I want to give him access to add new entries to OpenLDAP. I'm connecting to the LDAP server with his details via phpldapadmin and trying to create a new user, but I'm getting the following error:
Error number: 0x13 (LDAP_CONSTRAINT_VIOLATION)
Description: Some constraint would be violated by performing the action. This can happen when you try to add a second value to a single-valued attribute, for example.
My ACLs on the master LDAP server are:
access to attrs=userPassword,shadowLastChange
    by dn="cn=admin,dc=mydomain,dc=com" write
    by dn="uid=syncrepl,ou=system,dc=mydomain,dc=com" write
    by group/groupOfUniqueNames/uniqueMember="cn=IT,ou=Groups,dc=mydomain,dc=com" write
    by dn="uid=authenticate,ou=system,dc=mydomain,dc=com" read
    by anonymous auth
    by self write
    by * none

access to attrs=givenName,sn,cn
    by group/groupOfUniqueNames/uniqueMember="cn=IT,ou=Groups,dc=mydomain,dc=com" write
    by self write
    by users auth
    by anonymous auth

access to dn.base=""
    by * read

access to *
    by dn="cn=admin,dc=mydomain,dc=com" write
    by group/groupOfUniqueNames/uniqueMember="cn=LDAP Admins,ou=Groups,dc=mydomain,dc=com" write
    by * read
In this file I'm also using the unique overlay for the attributes uid, mail and uidNumber, in case this has anything to do with it.
Any help is much appreciated.
Thanks
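
An added example, not part of the original post: a simplified Python model of slapd's first-match ACL evaluation, applied to the four clauses above to show which access level each rule set gives a member of the IT group when adding an entry (slapd requires write on the new entry's "entry" pseudo-attribute and on the parent's "children"). It assumes the posting user is listed as a uniqueMember of cn=IT; the function names and the new-entry DN are constructed for illustration, and the model ignores regex matching, break/continue control and DN normalization.

```python
# Simplified model of slapd ACL selection: the first "access to <what>" that
# matches is used, then its first matching "by <who>"; no match means none.
BASE = "dc=mydomain,dc=com"
IT = "group:cn=IT,ou=Groups," + BASE
LDAP_ADMINS = "group:cn=LDAP Admins,ou=Groups," + BASE
# The four clauses from the post, in order: ((scope, attrs or None), by-list).
ACLS = [
    (("any", {"userpassword", "shadowlastchange"}), [
        ("dn:cn=admin," + BASE, "write"),
        ("dn:uid=syncrepl,ou=system," + BASE, "write"),
        (IT, "write"),
        ("dn:uid=authenticate,ou=system," + BASE, "read"),
        ("anonymous", "auth"), ("self", "write"), ("*", "none")]),
    (("any", {"givenname", "sn", "cn"}), [
        (IT, "write"), ("self", "write"), ("users", "auth"), ("anonymous", "auth")]),
    (("rootdse", None), [("*", "read")]),
    (("any", None), [
        ("dn:cn=admin," + BASE, "write"), (LDAP_ADMINS, "write"), ("*", "read")]),
]

def who_matches(who, bind_dn, groups, target_dn):
    bound = bind_dn is not None
    if who == "*":
        return True
    if who in ("anonymous", "users"):
        return bound == (who == "users")
    if who == "self":
        return bound and bind_dn.lower() == target_dn.lower()
    kind, _, value = who.partition(":")
    if kind == "dn":
        return bound and bind_dn.lower() == value.lower()
    return value.lower() in {g.lower() for g in groups}  # kind == "group"

def access(bind_dn, groups, target_dn, attr):
    for (scope, attrs), by_list in ACLS:
        if scope == "rootdse" and target_dn != "":
            continue
        if attrs is not None and attr.lower() not in attrs:
            continue
        for who, level in by_list:
            if who_matches(who, bind_dn, groups, target_dn):
                return level
        return "none"  # slapd's implicit trailing "by * none"
    return "none"

def can_add(bind_dn, groups, new_dn):
    # Naive parent derivation; assumes no escaped commas in the RDN.
    parent = new_dn.split(",", 1)[1]
    return (access(bind_dn, groups, new_dn, "entry") == "write"
            and access(bind_dn, groups, parent, "children") == "write")
```

Under this model an IT member gets write only on the attributes named in the first two clauses and falls through to "by * read" in the last clause for everything else, including "entry" and "children".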