Dears,
I've configured a META ldap instance pointing to a LDAP backend. In this backend, there are a few ACLs but which ones don't restrict ldapsearch that I do from the META frontend. I just have an issue when I set some ACLs on the META frontend and more specially when I insert attrs=xxx in the ACL.
Here is my ACL = OK
olcAccess : {0}to dn.one="ou=staff,o=mobistar.be" by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read
NOT OK olcAccess : {0}to dn.one="ou=staff,o=mobistar.be" attrs=uid by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read
Can you explain why when I restrict to an attribute, my ldapsearch didn't provide me any response as expected ?
Thx in advance, J-L.
On 23/03/06 10:48, bourguijl@gmail.com wrote:
Dears,
I've configured a META ldap instance pointing to a LDAP backend. In this backend, there are a few ACLs but which ones don't restrict ldapsearch that I do from the META frontend. I just have an issue when I set some ACLs on the META frontend and more specially when I insert attrs=xxx in the ACL.
Here is my ACL = OK
olcAccess : {0}to dn.one="ou=staff,o=mobistar.be" by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read
NOT OK olcAccess : {0}to dn.one="ou=staff,o=mobistar.be" attrs=uid by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read
Is access granted to 'entry' (implicitly or explicity for that dn) somewhere in later acls ?
Would attrs=entry,uid work ?
Can you explain why when I restrict to an attribute, my ldapsearch didn't provide me any response as expected ?
Thx in advance, J-L.
openldap-technical@openldap.org