--On Tuesday, August 27, 2019 6:35 PM +0200 Marc Roos M.Roos@f1-outsourcing.eu wrote:
I have client that coredumps with these acl's. When I remove them, the client is getting data from the ldap server and I can see the queries it is doing on the server. I thougt the lines below would give access to ou=Services and below by test, but I guess not.
The client core dumps? Sounds like a serious bug in the client.
I guess I should grep the log for the acl_mask entries not? What would be an adviced procedure to do this? I also do not want to get a huge list of acls for just one client type. Everything below "ou=Services,dc=example,dc=local" is test to read. (No password attributes stored there)
You could use the slapacl command perhaps? I'm not quite sure what you're asking for here.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com