Re: slapd.conf - etch-test / was Re: debian-edu empfiehlt+enthält cipux _NICHT_

To: Andreas Schockenhoff <asc@gmx.li>
Cc: debian-edu@lists.debian.org
Subject: Re: slapd.conf - etch-test / was Re: debian-edu empfiehlt+enthält cipux _NICHT_
From: Daniel Hess <daniel@rio-grande.ping.de>
Date: Sat, 30 Jun 2007 22:24:09 +0200
Message-id: <[🔎] 20070630202409.GA30612@rio-grande.ping.de>
In-reply-to: <[🔎] 1183221472.3430.12.camel@demohost1.intern>
References: <loom.20070607T055203-847@post.gmane.org> <200706282025.07379.holger@layer-acht.org> <1183218977.3430.4.camel@demohost1.intern> <200706301801.17280.klaus@skolelinux.no> <[🔎] 1183221472.3430.12.camel@demohost1.intern>

Hi,

On Sat, Jun 30, 2007 at 06:37:52PM +0200, Andreas Schockenhoff wrote:
> With this old slapd.conf it works again.
> 
> Here is the diff.
> tjener:/etc/ldap# diff slapd.conf.etch-test slapd.conf.rc3
> 98c98
> <       by group/lisAclGroup/member="cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 write
> ---
> >       by group/lisAclGroup/member="cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w
> 147,148c147,148
> < #access to *
> < #     by * read
> ---
> > access to *
> >       by * read

could you please test if only changing the part at the end of the file
helps?

The problem is, that libnss-ldap only binds anonymously to slapd and
therefrom needs the "access to * by * read" part to get the mapping of
users, groups and netgroups.

TIA

Daniel

Reply to:

Follow-Ups:
- Re: slapd.conf
  - From: Andreas Schockenhoff <asc@gmx.li>

References:
- slapd.conf - etch-test / was Re: debian-edu empfiehlt+enthält cipux _NICHT_
  - From: Andreas Schockenhoff <asc@gmx.li>

Prev by Date: [Bug 1203] standalone: network Manager makes it impossible to log in on a laptop set up as a workstation
Next by Date: Re: slapd.conf
Previous by thread: Re: slapd.conf - etch-test / was Re: debian-edu empfiehlt+enthält cipux _NICHT_
Next by thread: Re: slapd.conf
Index(es):
- Date
- Thread