Simone Taliercio wrote:
access to * by self write by anonymous auth by users search
The only way to workaround that issue is removing any ACL or leaving "by users read".
Looking at the ACL above you likely run into a misunderstanding.
You should carefully read slapd.access(5). Especially the very important section "THE ACCESS DIRECTIVE" describes significance of order of <what> and <who> clauses and that the checking stops at the first matching <what> and <who> clause (if control flow is not explicitly redirected).
Given the example above you might rather want this:
access to * by self write by users search by * auth
YMMV.
Also it's very handy to run slapd -d stats,acl [..other params..] to get ACL debugging displayed on console.
Ciao, Michael.