[turba] bad DN "ou=(.+) after enforcing LDAP ACL's in slapd.conf
Dale Hartung
dale at dghartung.com
Thu Feb 16 18:45:17 PST 2006
You're using a regular expression; do something like this:
    access to dn.regex="ou=(.+),ou=personal_addressbook,dc=site,dc=com"
        by dn.regex="uid=(.+),ou=people,dc=site,dc=com" write
I spent hours figuring this out and this works for me now.
Dale
-----Original Message-----
From: turba-bounces at lists.horde.org [mailto:turba-bounces at lists.horde.org]
On Behalf Of Mark Worsdall
Sent: Thursday, February 16, 2006 8:38 PM
To: turba at lists.horde.org
Subject: [turba] bad DN "ou=(.+) after enforcing LDAP ACL's in slapd.conf
Hi,
When I add the lines specified in turba/docs/LDAP
Enforce ACL's to personal address books.
Add this to your LDAP ACL so users can only see their own address
book::
    access to dn="ou=(.+), ou=personal_addressbook, dc=shadowrobot, dc=com"
        by dn="uid=$1, dc=shadowrobot, dc=com" write
        by * none
and restart the slapd.conf server, it won't start and reports this error:
sudo /etc/init.d/slapd restart
Stopping OpenLDAP: slapd.
Starting OpenLDAP: running BDB recovery, slapd - failed:
/etc/ldap/slapd.conf: line 103: bad DN "ou=(.+),
ou=personal_addressbook, dc=shadowrobot, dc=com" in to DN clause
<access clause> ::= access to <what> [ by <who> <access> [ <control> ]
]+
I assume that LDAP ACL's in the case of slapd means the slapd.conf
file?
M.
--
Mark Worsdall
http://www.shadowrobot.com/ need a hand??
--
Turba mailing list - Join the hunt: http://horde.org/bounties/#turba
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: turba-unsubscribe at lists.horde.org
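
An added example (not from the thread or from Turba's docs) setting the rule from the reply beside a form that keeps each address book private to its owner. It assumes OpenLDAP 2.3 or later, the reply's `dc=site,dc=com` layout, and that each address book's `ou` value equals the owner's `uid`.

```conf
# A bare dn="..." is parsed as an exact DN, so a pattern such as "ou=(.+),..."
# is rejected as "bad DN"; the regex style has to be named as dn.regex.
# slapd matches the pattern against the normalized DN, so write it without
# spaces after the commas.

# Rule as posted in the reply: the "by" regex is matched against the bind DN
# on its own, so every uid under ou=people can write to every address book.
#
# access to dn.regex="ou=(.+),ou=personal_addressbook,dc=site,dc=com"
#     by dn.regex="uid=(.+),ou=people,dc=site,dc=com" write

# Owner-only form.
#  - The "to" pattern is anchored with ^ and $.
#  - (.+,)? is $1 and covers the contact entries stored below the ou.
#  - ([^,]+) is $2; it cannot run across a comma, so it holds exactly the
#    address book's ou value.
#  - dn.exact,expand substitutes $2 into the "by" DN, so only the matching
#    uid gets write; every other identity, anonymous included, gets none.
access to dn.regex="^(.+,)?ou=([^,]+),ou=personal_addressbook,dc=site,dc=com$"
    by dn.exact,expand="uid=$2,ou=people,dc=site,dc=com" write
    by * none
```

The result can be checked without restarting the server using `slapacl -f /etc/ldap/slapd.conf -D "uid=bob,ou=people,dc=site,dc=com" -b "ou=alice,ou=personal_addressbook,dc=site,dc=com" "ou/write"`, where `alice` and `bob` are constructed names; the request should be denied for `bob` and allowed when `-D` names `uid=alice`.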