directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dylan Taft <d13f...@gmail.com>
Subject I'm stuck - Apache DS ACI
Date Sat, 11 Jul 2009 05:39:41 GMT
On my partition, dc=example, dc=com
administrativeRole is set to accessControlSpecificArea
I also created an accessControlSubentry, set a prescriptiveaci on
dc=example,dc=com

It's working...but

ou=schema is locked
If I try to connect as a normal user...

Error while opening connection
 - [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed for
SearchReques
 - No schema information returned by server, using default schema.
  javax.naming.NoPermissionException: [LDAP: error code 50 -
INSUFFICIENT_ACCESS_RIGHTS: failed for     SearchRequest
        baseDn : '2.5.4.3=schema'
        filter : '(objectClass=subschema)'
        scope : base object
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 'objectclasses', 'attributetypes',
'ldapsyntaxes', 'matchingrules', 'matchingruleuse', 'createtimestamp',
'modifytimestamp'
: null]; remaining name 'cn=schema'
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3013)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1812)
	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735)
	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
	at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper$1.run(JNDIConnectionWrapper.java:341)
	at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.runAndMonitor(JNDIConnectionWrapper.java:1116)
	at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.checkConnectionAndRunAndMonitor(JNDIConnectionWrapper.java:1047)
	at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.search(JNDIConnectionWrapper.java:433)
	at org.apache.directory.studio.ldapbrowser.core.jobs.SearchRunnable.search(SearchRunnable.java:478)
	at org.apache.directory.studio.ldapbrowser.core.jobs.ExportLdifJob.search(ExportLdifJob.java:211)
	at org.apache.directory.studio.ldapbrowser.core.jobs.ReloadSchemaRunnable.reloadSchema(ReloadSchemaRunnable.java:175)
	at org.apache.directory.studio.ldapbrowser.core.BrowserConnectionListener.openBrowserConnection(BrowserConnectionListener.java:115)
	at org.apache.directory.studio.ldapbrowser.core.BrowserConnectionListener.connectionOpened(BrowserConnectionListener.java:65)
	at org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:125)
	at org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:113)
	at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)

  [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed for
SearchRequest
        baseDn : '2.5.4.3=schema'
        filter : '(objectClass=subschema)'
        scope : base object
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 'objectclasses', 'attributetypes',
'ldapsyntaxes', 'matchingrules', 'matchingruleuse', 'createtimestamp',
'modifytimestamp'
: null]
  No schema information returned by server, using default schema.


Can anyone assist?  I can't add an administrativeRole to ou=schema, it
won't let me, so how can I make it readable by users?

Thanks!

Mime
View raw message