Re: slapd.conf - etch-test / was Re: debian-edu empfiehlt+enthält cipux _NICHT_
On Sat, Jun 30, 2007 at 06:37:52PM +0200, Andreas Schockenhoff wrote:
> With this old slapd.conf it works again.
> Here is the diff.
> tjener:/etc/ldap# diff slapd.conf.etch-test slapd.conf.rc3
> < by group/lisAclGroup/member="cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 write
> > by group/lisAclGroup/member="cn=admins,ou=Group,dc=skole,dc=skolelinux,dc=no" ssf=128 =w
> < #access to *
> < # by * read
> > access to *
> > by * read
could you please test if only changing the part at the end of the file
The problem is, that libnss-ldap only binds anonymously to slapd and
therefrom needs the "access to * by * read" part to get the mapping of
users, groups and netgroups.