--On January 16, 2007 6:34:39 PM +0100 Pierangelo Masarati
<[EMAIL PROTECTED]> wrote:
Quanah Gibson-Mount wrote:
This patch also does not work, continuing to use the credentials of the
bound user.
What operation are you performing when it gets to evaluate that filter?
Can you describe it a little bit further?
ldapsearch -LLL -Q -h ldap-dev1 -b
"cn=groups,cn=applications,dc=stanford,dc=edu" cn=registry-consult
Output is:
dn: cn=registry-consult,cn=groups,cn=applications,dc=stanford,dc=edu
objectClass: groupOfURLs
cn: registry-consult
memberURL:
ldap:///cn=people,dc=stanford,dc=edu??sub?(suprivilegegroup=registr
y:consult)
(but no members). Searching with my admin credentials, I get a full user
list.
access to
dn.exact="cn=registry-consult,cn=groups,cn=applications,dc=stanford,dc=edu"
by dn.base="uid=cadabra,cn=accounts,dc=stanford,dc=edu" sasl_ssf=56
read
by * none
is the ACL in place (admin group comes before this acl with full read to
everything in the tree).
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
