Re: Incremental ACLs somehow do not work

Huh,

But still, even a simple bind fails because it somehow does not get the auth privileges defined in the first stanza.

now this is exciting:

Testing with slapacl shows that my ACLs are, in fact, alright. But still they do not match when asked. For example:

# slapacl -v -b cn=nslcd,dc=teckids,dc=org entry: =rscxd […]

This pretty much tells me: what you are alowed to do here is "read", right?

But:

# slapacl -v -b cn=nslcd,dc=teckids,dc=org entry/read read access to entry: DENIED

Now this strikes me as odd… isn't it supposed to return success here?

That happens for each and every field in my directory…

For me this looks like a bug, but maybe I am doing somwthing entirely wrong?

-nik