Return-Path: 
 <users-return-1659-apmail-directory-users-archive=directory.apache.org@directory.apache.org>
Delivered-To: apmail-directory-users-archive@www.apache.org
Received: (qmail 87194 invoked from network); 28 Jul 2008 17:00:03 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 28 Jul 2008 17:00:03 -0000
Received: (qmail 13366 invoked by uid 500); 28 Jul 2008 17:00:02 -0000
Delivered-To: apmail-directory-users-archive@directory.apache.org
Received: (qmail 13338 invoked by uid 500); 28 Jul 2008 17:00:02 -0000
Mailing-List: contact users-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@directory.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@directory.apache.org>
List-Post: <mailto:users@directory.apache.org>
List-Id: <users.directory.apache.org>
Reply-To: users@directory.apache.org
Delivered-To: mailing list users@directory.apache.org
Received: (qmail 13327 invoked by uid 99); 28 Jul 2008 17:00:02 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Jul 2008 10:00:02 -0700
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of akarasulu@gmail.com
 designates 74.125.92.26 as permitted sender)
Received: from [74.125.92.26] (HELO qw-out-2122.google.com) (74.125.92.26)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Jul 2008 16:59:05 +0000
Received: by qw-out-2122.google.com with SMTP id 3so274317qwe.31
        for <users@directory.apache.org>;
 Mon, 28 Jul 2008 09:59:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:sender
         :to:subject:in-reply-to:mime-version:content-type:references
         :x-google-sender-auth;
        bh=wLxCWS3QIEr/lpSdg7Rx6T4jVqt6CAeuwFijWLAB50A=;
        b=g4OOa7GgXdKYc0f8JvOt+d25YJ7JqCFbk7KDB/sWjH3CKAdqma+XZ2aW19ro+DsQUS
         Pdtu/PcynQv7h9IzCBwjfEncOJPfL9j8RPoB4BEr69mPQVr8FewElZ4g9mcM/c2+AEOy
         Hd0itwlYvGz0YXCLoP6hYW5OR+N0cSS6JLVR4=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:sender:to:subject:in-reply-to:mime-version
         :content-type:references:x-google-sender-auth;
        b=EAIJ6bkn0/JmtcszUoPMm1LAN6E/YGBdOK/uBYG18GRPotllOcqaebaXvsvCABe50k
         MS1SjSVE/puDLKbTd9g1poE7Wem+yrIkb1pGMxj8+6+OWQYC4W2ZUpN2R6xHQrKcBZNG
         I38CSyPY2wwkOOIXpHYaA8LyI/I/9Gq08nsYQ=
Received: by 10.214.183.2 with SMTP id g2mr8631qaf.68.1217264353484;
        Mon, 28 Jul 2008 09:59:13 -0700 (PDT)
Received: by 10.150.200.1 with HTTP; Mon, 28 Jul 2008 09:59:13 -0700 (PDT)
Message-ID: <a32f6b020807280959n316eabe7q4209a9a7dac4cb5e@mail.gmail.com>
Date: Mon, 28 Jul 2008 12:59:13 -0400
From: "Alex Karasulu" <akarasulu@apache.org>
Sender: akarasulu@gmail.com
To: users@directory.apache.org
Subject: Re: [ApacheDS] Having trouble setting up access control
In-Reply-To: <370449.4415.qm@web31403.mail.mud.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_10506_7842667.1217264353496"
References: <370449.4415.qm@web31403.mail.mud.yahoo.com>
X-Google-Sender-Auth: 1dc4f6ec785ac3ed
X-Virus-Checked: Checked by ClamAV on apache.org

------=_Part_10506_7842667.1217264353496
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

FROM IRC:

<akarasulu> notdf
<akarasulu> I just installed 1.5.3 on a clean ubuntu 8.04 machine
<akarasulu> and then changed the dc=example,dc=com entry
<akarasulu> adding the new administrativeRole attribute

Below is the LDIF output from Studio of this operation:

<akarasulu> #!RESULT OK
<akarasulu> #!CONNECTION ldap://localhost:10389
<akarasulu> #!DATE 2008-07-28T12:53:20.623
<akarasulu> dn: dc=example,dc=com
<akarasulu> changetype: modify
<akarasulu> add: administrativeRole
<akarasulu> administrativeRole: accessControlSpecificArea
<akarasulu> -

<akarasulu> worked like a champion
<akarasulu> just try putting this LDIF into a file and importing it
<akarasulu> http://rafb.net/p/EzcKhp43.html
<akarasulu> notdf let me know what happens
<akarasulu> ttys

Alex

On Mon, Jul 28, 2008 at 12:38 PM, Dylan Taft <soundmanok@yahoo.com> wrote:

> I'm having trouble with setting up access control in apacheDS.  I'm using
> Apache DS 1.5.3
> Apache Studio 1.2.0 RC1
>
> I've tried to follow the docs listed here
> http://directory.apache.org/apacheds/1.5/32-basic-authorization.html
>
> I've added accessControlEnabled in my server.xml file, restarted the
> services..
>
> I've tried to add administrativeRole as an attribute to dc=example,dc=com
> in DS studio
> When I try, it just doesn't do it.  I get a little red X next to the object
> in the ldap browser..no other errors.
>
> Does anyone have a moment to walk me through doing this in studio?  I'm
> trying to have everything marked as read only to normal users except the
> userPassword attribute.  I've tried for several hours with no luck...
>
> Thanks in advance!
>
>
>
>


-- 
Microsoft gives you Windows, Linux gives you the whole house ...

------=_Part_10506_7842667.1217264353496--