[turba] bad DN "ou=(.+) after enforcing LDAP ACL's in slapd.conf - fixed :-)

Mark Worsdall turba at worsdall.demon.co.uk
Thu Feb 16 18:56:24 PST 2006 

Hi

Cheers for that. phew, as if I have not spent a nightmare 3 days mount 
everest learning curve with slapd ldap, so thanks for the pull up to the 
top, well nearly to top:-)

Probably should go in the turba/docs/LDAP

and maybe a hint in the turba/config/conf.xml file stating in the turba 
setup: If using LDAP ensure your have: the displays the LDAP document 
text.

I know, I should have read it.

M.

In message <002401c6336b$fe630fa0$641e140a at ATHLON>, Dale Hartung 
<dale at dghartung.com> writes
>Your using a regular expression, do something like this:
>
> access to dn.regex="ou=(.+),ou=personal_addressbook,dc=site,dc=com"
>        by dn.regex="uid=(.+),ou=people,dc=site,dc=com" write
>
>
>I spent hours figuring this out and this works for me now.
>
>Dale
>
>-----Original Message-----
>From: turba-bounces at lists.horde.org [mailto:turba-bounces at lists.horde.org]
>On Behalf Of Mark Worsdall
>Sent: Thursday, February 16, 2006 8:38 PM
>To: turba at lists.horde.org
>Subject: [turba] bad DN "ou=(.+) after enforcing LDAP ACL's in slapd.conf
>
>Hi,
>
>When I add the lines specified in turba/docs/LDAP
>
>Enforce ACL's to personal address books.
>
>    Add this to your LDAP ACL so users can only see their own address
>book::
>
>
>access to dn="ou=(.+), ou=personal_addressbook, dc=shadowrobot, dc=com"
>          by dn="uid=$1, dc=shadowrobot, dc=com" write
>          by * none
>
>
>and restart the slapd.conf server It won't start and reports error:
>
>sudo /etc/init.d/slapd restart
>
>Stopping OpenLDAP: slapd.
>Starting OpenLDAP: running BDB recovery, slapd - failed:
>/etc/ldap/slapd.conf: line 103: bad DN "ou=(.+),
>ou=personal_addressbook, dc=shadowrobot, dc=com" in to DN clause
><access clause> ::= access to <what> [ by <who> <access> [ <control> ]
>]+
>
>
>I assume that LDAP ACL's  in the case of slapd means the slapd.conf
>file?
>
>M.
>--
>Mark Worsdall
>http://www.shadowrobot.com/  need a hand??

-- 
Mark Worsdall
http://www.shadowrobot.com/  need a hand??

More information about the turba mailing list