Hello,

any more input to this ?


Thanks.

Jonas.


On 08-04-14 15:21, Jonas Kellens wrote:
On 07-04-14 19:05, Quanah Gibson-Mount wrote:


--On April 7, 2014 at 12:39:36 PM +0200 Jonas Kellens <jonas.kellens@telenet.be> wrote:


On 02-04-14 17:35, Christian Kratzer wrote:

start with a simple

    access to * by * read

access to *
         by * search

These clearly are not the same thing.

--Quanah


Hello,

also when I just put this rule in /etc/openldap/slapd.conf :

access to *
        by * read

nothing happens when searching with the user 'cn=U101001,ou=101001,dc=mydomain' :

[root@slap01 ]# ldapsearch -x -D 'cn=U101001,ou=101001,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1



There are only results when searching with root user :


[root@slap01 ]# ldapsearch -x -D 'cn=Manager,dc=mydomain' -b "ou=tbook1,ou=contacten,ou=101001,dc=mydomain" -W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=tbook1,ou=contacten,ou=101001,dc=mydomain> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# tbook1, contacten, 101001, mydomain
dn: ou=tbook1,ou=contacten,ou=101001,dc=mydomain
ou: tbook1
objectClass: organizationalUnit
objectClass: top

# Jonas BVBA, tbook1, contacten, 101001, mydomain
dn: cn=Jonas BVBA,ou=tbook1,ou=contacten,ou=101001,dc=mydomain
cn: Jonas BVBA
sn: Jonas BVBA
telephoneNumber: 1111111111
objectClass: inetOrgPerson

# Jonas Kellens, tbook1, contacten, 101001, mydomain
dn: cn=Jonas Kellens,ou=tbook1,ou=contacten,ou=101001,dc=mydomain
telephoneNumber: 111111111
objectClass: inetOrgPerson
cn: Jonas Kellens
sn: Jonas Kellens

# Center, tbook1, contacten, 101001, mydomain
dn: cn=Center,ou=tbook1,ou=contacten,ou=101001,dc=mydomain
cn: Center
sn: Center
telephoneNumber: 11111111
objectClass: inetOrgPerson

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4



Kind regards,
Jonas.