--On Wednesday, October 24, 2018 5:17 PM +0200 Lirien Maxime
<maxime.lirien(a)gmail.com> wrote:
# 2) userPassword accessible by all
access to * attrs=userPassword
by dn.exact="cn=Synchro,ou=Comptes Admin,dc=fr" read
by users auth
by anonymous auth
by * none
This should be just access to attrs=userPassword, no need for the *.
Similar comment for some of your other ACLs using the same format.
I would generaly advise enabling "acl" level logging to see how things are
being processed so you can determine what additional access is needed or
which rule(s) are blocking access.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<
http://www.symas.com>