directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shon Vella" <sve...@novell.com>
Subject Re: [ApacheDS] Having trouble setting up access control
Date Mon, 28 Jul 2008 17:28:01 GMT
FWIW - I had exactly the same experience when trying to do anything with Apache Directory Studio
1.1 plugin for access control (haven't tried 1.2 RC). Works great from LDIF, but the studio
plugin seems barely functional. I was only ever able to get them to work for editing existing
ACI entries that were created via LDIF. 

-Shon

>>> "Alex Karasulu" <akarasulu@apache.org> 07/28/08 10:59 AM >>>
FROM IRC:

<akarasulu> notdf
<akarasulu> I just installed 1.5.3 on a clean ubuntu 8.04 machine
<akarasulu> and then changed the dc=example,dc=com entry
<akarasulu> adding the new administrativeRole attribute

Below is the LDIF output from Studio of this operation:

<akarasulu> #!RESULT OK
<akarasulu> #!CONNECTION ldap://localhost:10389
<akarasulu> #!DATE 2008-07-28T12:53:20.623
<akarasulu> dn: dc=example,dc=com
<akarasulu> changetype: modify
<akarasulu> add: administrativeRole
<akarasulu> administrativeRole: accessControlSpecificArea
<akarasulu> -

<akarasulu> worked like a champion
<akarasulu> just try putting this LDIF into a file and importing it
<akarasulu> http://rafb.net/p/EzcKhp43.html
<akarasulu> notdf let me know what happens
<akarasulu> ttys

Alex

On Mon, Jul 28, 2008 at 12:38 PM, Dylan Taft <soundmanok@yahoo.com> wrote:

> I'm having trouble with setting up access control in apacheDS.  I'm using
> Apache DS 1.5.3
> Apache Studio 1.2.0 RC1
>
> I've tried to follow the docs listed here
> http://directory.apache.org/apacheds/1.5/32-basic-authorization.html
>
> I've added accessControlEnabled in my server.xml file, restarted the
> services..
>
> I've tried to add administrativeRole as an attribute to dc=example,dc=com
> in DS studio
> When I try, it just doesn't do it.  I get a little red X next to the object
> in the ldap browser..no other errors.
>
> Does anyone have a moment to walk me through doing this in studio?  I'm
> trying to have everything marked as read only to normal users except the
> userPassword attribute.  I've tried for several hours with no luck...
>
> Thanks in advance!
>
>
>
>


--
Microsoft gives you Windows, Linux gives you the whole house ...


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message