Am Thu, 30 Dec 2010 15:14:34 +0000 schrieb rui guideveloper@gmail.com:
Hi,
This is the output after doing "-d 128" http://pastebin.com/6Jb9j7F7
my latest slapd.conf is this: ########################################################################### # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/openldap.schema
####################################################################### # bdb database definitions ####################################################################### database bdb suffix "o=M1,c=GB" rootdn "uid=root,ou=People,o=M1,c=GB" rootpw test123 directory /var/lib/ldap
# Indices to maintain index objectClass,uid,uidNumber,gidNumber eq index cn,mail,surname,givenname eq,subinitial
## logging. #loglevel acl
access to attrs=userPassword by self write by dn="uid=root,ou=People,o=M1,c=GB" write by * auth
access to * by self write by users read by anonymous auth
The warnings in the debugging output (no by clauses specified) should have raised your attention. The way access rules are written, is bogus. Access rules have to be put on a single line, but this line may have continuations. The manual page slapd.access(5) and the admin guide http://www.openldap.org/doc/admin24/access-control.html give a good idea on how access rules should be written.
-Dieter