directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: Creating ACIs in trunk code
Date Fri, 13 May 2011 09:42:37 GMT
Hi Richard,

On 5/12/11 6:17 PM, Richard Evans wrote:
> I'm running a 1.5.8 snapshot freshly built from trunk-with-dependencies.  I'm set up
access controls and am trying to define the 'enable search for all users' ACI entry as explained
in the online docs.

> This looks a bit like DIRSERVER-1524.  Have I created the Aci entry correctly for trunk
This is exactly the problem. It has been fixed in trunk. Otherwise, your 
entries are perfectly fine.
> A couple of other related queries:
> 1. With access controls enabled, I can't connect anonymously to the RootDSE - do I need
another Aci entry for this?
Yes. RootDSE is also controlled by access controls rules.
> 2. Attempting a search as a test user, I would expect searches to fail with an error,
instead I just get no results.  Is this intentional?
Depends on the LDAP API you are using. In any case, if you check the 
ResultCode, you should have a *insufficientAccessRights* error (or 
something similar)

Emmanuel L├ęcharny

View raw message