directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonas Lindström <glurp...@gmail.com>
Subject Re: users Digest of: get.2591
Date Mon, 09 Nov 2009 08:22:08 GMT
Pardon me for replying to such an old message (the original is from July
11), but I have ran into exactly the same problem as Mr. Taft. Since it
seems like the question was never answered, I am making a try.

To recap: after enabling access control as described at
http://directory.apache.org/apacheds/1.5/32-basic-authorization.html, I get
an error message which is identical to the one below.

Jonas Lindström

Dylan Taft wrote:

> On my partition, dc=example, dc=com
> administrativeRole is set to accessControlSpecificArea I also created an
accessControlSubentry, set a prescriptiveaci on dc=example,dc=com
>
> It's working...but
>
> ou=schema is locked
> If I try to connect as a normal user...
>
> Error while opening connection
>  - [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed for
SearchReques
>  - No schema information returned by server, using default schema.
>   javax.naming.NoPermissionException: [LDAP: error code 50 -
> INSUFFICIENT_ACCESS_RIGHTS: failed for     SearchRequest
>         baseDn : '2.5.4.3=schema'
>         filter : '(objectClass=subschema)'
>         scope : base object
>         typesOnly : false
>         Size Limit : no limit
>         Time Limit : no limit
>         Deref Aliases : deref Always
>         attributes : 'objectclasses', 'attributetypes', 'ldapsyntaxes',
'matchingrules', 'matchingruleuse', 'createtimestamp', 'modifytimestamp'
> : null]; remaining name 'cn=schema'
> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3013)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
> at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1812)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735)
> at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
> at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
> at
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper$1.run(JNDIConnectionWrapper.java:341)
> at
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.runAndMonitor(JNDIConnectionWrapper.java:1116)
> at
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.checkConnectionAndRunAndMonitor(JNDIConnectionWrapper.java:1047)
> at
org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.search(JNDIConnectionWrapper.java:433)
> at
org.apache.directory.studio.ldapbrowser.core.jobs.SearchRunnable.search(SearchRunnable.java:478)
> at
org.apache.directory.studio.ldapbrowser.core.jobs.ExportLdifJob.search(ExportLdifJob.java:211)
> at
org.apache.directory.studio.ldapbrowser.core.jobs.ReloadSchemaRunnable.reloadSchema(ReloadSchemaRunnable.java:175)
> at
org.apache.directory.studio.ldapbrowser.core.BrowserConnectionListener.openBrowserConnection(BrowserConnectionListener.java:115)
> at
org.apache.directory.studio.ldapbrowser.core.BrowserConnectionListener.connectionOpened(BrowserConnectionListener.java:65)
> at
org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:125)
> at
org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:113)
> at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
>
>   [LDAP: error code 50 - INSUFFICIENT_ACCESS_RIGHTS: failed for
SearchRequest
>         baseDn : '2.5.4.3=schema'
>         filter : '(objectClass=subschema)'
>         scope : base object
>         typesOnly : false
>         Size Limit : no limit
>         Time Limit : no limit
>         Deref Aliases : deref Always
>         attributes : 'objectclasses', 'attributetypes', 'ldapsyntaxes',
'matchingrules', 'matchingruleuse', 'createtimestamp', 'modifytimestamp'
> : null]
>   No schema information returned by server, using default schema.
>
>
> Can anyone assist?  I can't add an administrativeRole to ou=schema, it
won't let me, so how can I make it readable by users?
>
> Thanks!

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message