Hi,
On Tue, 11 Mar 2014, Seun Ojedeji wrote:
Hello thanks for your response,
On Tue, Mar 11, 2014 at 11:01 AM, Christian Kratzer ck-lists@cksoft.dewrote:
Hi,
On Tue, 11 Mar 2014, Seun Ojedeji wrote: How do i fix the insuffient access problem? I am using the admin that has full write access on ldap.
<snipp/>
Its a fresh ldap setup and i only have one admin user created (with on personal user) here is the script i used in setting up ldap: http://pastebin.com/JagCtptS
your acl for cn=config is as follows:
dn: olcDatabase={0}config,cn=config objectClass: olcDatabaseConfig olcDatabase: {0}config olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external ,cn=auth manage by * break
This only allows the unix root user to manage cn=config.
The admin user you are using is for managing access to the main directory.
To manage cn=config in this setup you should use
ldapadd -Y EXTERNAL -H ldapi:/// ldapmodify -Y EXTERNAL -H ldapi:///
- your openldap version
openldap-2.4.28
Do yourself a favor and upgrade to 2.4.39 before starting with any serious openldap work.
You can get upto date rpm and deb packages from http://ltb-project.org/wiki/
Greetings Christian
- your full configuration (preferably on pastebin oder such)
Use slapcat -n0 to extract the config
Thanks again for helping out
Greetings Christian
-- Christian Kratzer CK Software GmbH Email: ck@cksoft.de Wildberger Weg 24/2 Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer Web: http://www.cksoft.de/