[Bug 427842] Re: [karmic] frontend DB needs ACLs for base="" and cn=schema

Andreas Hasenack andreas at canonical.com
Mon Sep 14 21:36:30 BST 2009


** Description changed:

  The current installation of slapd doesn't allow for searches in the empty base (dn="") and the schema entries. These are needed by several client tools to, among other things:
  - check what the server schema is (luma, apache directory studio)
  - discover what the server supports (the -s base -b "" + search), like authentication mechanisms, extensions, etc
  
  This ldapmodify fixes it after the server is running, so it should give
  you hints on where to add it properly in the package:
  
  dn: olcDatabase={-1}frontend,cn=config
  changetype: modify
  add: olcAccess
  olcAccess: to dn.base="" by * read
- olcAccess: to dn.base="cn=schema" by * read
+ olcAccess: to dn.base="cn=subschema" by * read
+ 
+ UPDATE: the base for the schema is actually cn=subschema, and not
+ cn=schema

** Summary changed:

- [karmic] frontend DB needs ACLs for base="" and cn=schema
+ [karmic] frontend DB needs ACLs for base="" and cn=subschema

-- 
[karmic] frontend DB needs ACLs for base="" and cn=subschema
https://bugs.launchpad.net/bugs/427842
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.



More information about the Ubuntu-server-bugs mailing list