To clarify some:
As I understand it, the interface I use is for admin purposes only, doing changes from root@localhost without any cn credentials. In fact, I created an admin account from the same interface, which could import schemas, create OU and CN entries, and generally behaving like expected for everything except enabling modules. I used this guide: http://albanianwizard.org/ubuntu-10-0-4-lucid-lynx-ldap-configuration-th e-working-how-to.albanianwizard to get this working as I expected. (Note the modifications to cn=config here, which worked fine for me)
Openldap no longer have any config file, so all config changes is done through this interface. Using the CN=admin,DC=domain,DC=com created from the guide above return the same insufficient error message. I have also attempted to force the use of a slapd.conf file, which I ported from 8.04 conf file, without success. I also attempted an strace to follow the login procedure without getting any other message than the generic 'Insufficient access', or any reference to what permissions it checks.
What I can't figure out is why the admin account doesn't have access by default, or how/what to change in order to allow access. But I suspect there is something other than simple missing admin permissions going on here. I also attempted to change permissions and ownership of any files related to slapd, also with the same result. Any ideas on what to look for?
From: openldap-technical-bounces@openldap.org [mailto:openldap-technical-bounces@openldap.org] On Behalf Of Jon Skarpeteig Sent: 5. oktober 2010 10:41 To: openldap-technical@openldap.org Subject: memberOf module install on ubuntu 10.04 slapd package gives:"Insufficient access"
Attempting to enable memberOf module, following http://dimaj.net:1784/blog/2010/07/howto-verify-that-a-member-is-part-of -a-secondary-group-in-openldap/ gives me: ldap_modify: Insufficient access (50) - I am root on Ubuntu 10.04 using slapd package. What am I doing wrong?
openldap-technical@openldap.org