Openldap granting write access for groups

Asked Dec 21 '20 at 13:03

Active Dec 21 '20 at 15:23

Viewed 51 times

I want to give an admin group write access

cn=admin_group,ou=group,dc=kml,dc=de
dn: cn=admin_group,ou=group,dc=kml,dc=de
cn: admin_group
description: All users
member: uid=uf,ou=people,dc=kml,dc=de
objectclass: groupOfNames

the acl :

olcAccess: {0}to  * by  group.exact="cn=admin_group,dc=kml,dc=de" write by users read by * auth

if i authenitcate as uf It did not work, i tried all examples in found in the web, but i got allways

0x32 (LDAP_INSUFFICIENT_ACCESS)

edited Dec 21 '20 at 15:23

Andrew Schulman

8,811
21
32
47

asked Dec 21 '20 at 13:03

Eric Meyer

Where is this ACL applied? {-1}frontend, {0}config, {1}mdb? Are you sure you're bound as a member of that group to the server? I.e. `ldapwhoami` returns as expected? – 84104 Dec 22 '20 at 06:44
This acl is in (1)mdb – Eric Meyer Dec 22 '20 at 08:06
ldapwhoami -x -D "uid=uf,ou=people,dc=kml,dc=de" -W Enter LDAP Password: dn:uid=uf,ou=people,dc=kml,dc=de – Eric Meyer Dec 22 '20 at 08:07

Openldap granting write access for groups

0 Answers0