Hi I understand, but I think i might have it wrong I changed the group miniadmins to this. dn: cn=MiniAdmins,ou=Group,dc=mydomain,dc=com,dc=ec objectClass: groupOfNames objectClass: top cn: MiniAdmins member: uid=jdc,ou=People,dc=mydomain,dc=com,dc=ec member: uid=no-admin,ou=People,dc=mydomain,dc=com,dc=ec structuralObjectClass: groupOfNames entryUUID: a3e66d90-19b0-1030-9c61-73ebddf12515 creatorsName: cn=Manager,dc=iess,dc=gob,dc=ec modifiersName: cn=Manager,dc=iess,dc=gob,dc=ec createTimestamp: 20110523174841Z modifyTimestamp: 20110523174841Z entryCSN: 20110523174841Z#000012#00#000000
Changed the ou=Group, instead of people, or should it be ou=Users?
I added this to the slapd.conf, but it didnt work.
access to * by self write by users read by anonymous read by * none
access to dn="ou=People,dc=iess,dc=gob,dc=ec" attrs=children,entry by group/groupOfNames/member="cn=MiniAdmins,ou=Group,dc=iess,dc=gob,dc=ec" write or this
access to * by self write by users read by anonymous read by * none
access to * attrs=children,entry by group/groupOfNames/member="cn=MiniAdmins,ou=Group,dc=iess,dc=gob,dc=ec" write
or this
access to * by self write by group/groupOfNames/member="cn=MiniAdmins,ou=Group,dc=iess,dc=gob,dc=ec" write by anonymous read by * none
----- Original Message ----- From: "Quanah Gibson-Mount" quanah@zimbra.com To: "Juan Diego Calle" juandiego.calle@soportelibre.com, openldap-technical@openldap.org Sent: Tuesday, June 7, 2011 6:13:58 PM GMT -05:00 Colombia Subject: Re: phpldapadmin and openldap
--On Tuesday, June 07, 2011 6:01 PM -0500 Juan Diego Calle juandiego.calle@soportelibre.com wrote:
Hi,
I have being trying to solve this for more than a month. I installed Openldap, Samba, smbldap-tools, and phpmyadmin in a Red Hat 5.6 server. I have many users created with smbldap-tools. Almost everything works, there are 2 things that I need help with. One is with phpldapadmin. I can log with the user administrator, but can not change anything, this is the error in phpldapadmin
dn="uid=Administrator,ou=People,dc=mydomain,dc=com,dc=ec"
access to * by self write by users read by anonymous read by * none
No where in this ACL do you give the above DN the ability to make changes to your database. I suggest you fix your ACLs.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration