Re: Problem after migration openldap 2.3.43 to 2.4.23 --> 32 No Such Object
On Mon, 2014-03-31 at 12:57 +0200, Jonas Kellens wrote:
On 31-03-14 12:52, Hallvard Breien Furuseth wrote:
> (...)
> So you get what you're specifying: No access to baseDN of your
> search. Append something like this to access list:
>
> access to * by * search
won't this statement give access to everything and everyone ? Because if
it does, this is not what I want.
Yes - search but not read access, to everything not covered by
previous access statements. So people can search for '(sn=Kell*)
and discover that you exist, but not read your attributes.
By all means replace it with a more restrictive statement. To
see what, read man slapd.access section OPERATION REQUIREMENTS.