directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Hamilton <khamil...@umem.org>
Subject Re: [ApacheDS] Re: Access Restriction
Date Fri, 04 Nov 2011 13:48:27 GMT
I am using ADS 2.0.0-M2.

Thanks,
Kevin

On Fri, Nov 4, 2011 at 9:39 AM, Emmanuel Lécharny <elecharny@apache.org> wrote:
> On 11/4/11 2:29 PM, Kevin Hamilton wrote:
>>
>> The cn=admin2Test,uid=admin2,ou=system was never created because the
>> error occurred while I was trying to create it.
>>
>> I was following Oliver's instructions by doing the following:
>> 2) Add a new entry below the entry where you have added the
>> "administrativeRole" attribute. Use the object classes
>> "accessControlSubentry", "subentry" and "top". As RDN attribute name, use
>> "cn" and choose a name of your preference.
>> 2a) You will be asked to specify the subentry. Leave it empty.
>> 2b) You will be asked to specify the ACI element:
>>      * Identificator:<your choice>
>>      * Priority: 0
>>      * Authentication level: simple=non-SASL / strong=SASL (I would choose
>> simple first)
>>      * User or element first: User
>>      * User classes: Choose "name" and specify your admin2
>>      * User permissions:
>>        * Protected elements: "entry", "all user attribute types and
>> values"
>>        * Grants and denials: Here, you can grant everything
>>
>>
>> When he says add a new entry below the entry where I added
>> administrativeRole, he means I should right click on the
>> uid=admin,ou=system and add an entry to that, right? That is what I
>> have been doing. Is this incorrect?
>
> No, this is the way it should be done.
>
> The error message is a bit suprising...
>
> What version of ADS are you using ?
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>



-- 
Thanks,
Kevin

Mime
View raw message