directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Hamilton <khamil...@umem.org>
Subject Re: [ApacheDS] Re: Access Restriction
Date Fri, 04 Nov 2011 13:13:56 GMT
version: 1
dn: uid=admin2,ou=systemobjectclass: organizationalPersonobjectclass:
personobjectclass: inetOrgPersonobjectclass: topcn: admin2sn:
admin2mail: admin@umem.orguid: admin2userPassword:: REMOVED for
e-mailadministrativeRole: accessControlSpecificAreacreateTimestamp:
20111104121155ZcreatorsName:
0.9.2342.19200300.100.1.1=admin,2.5.4.11=systementryCSN:
20111104121347.312000Z#000000#000#000000entryParentId: 1entryUUID::
REMOVED for e-mailmodifiersName:
0.9.2342.19200300.100.1.1=admin,2.5.4.11=systemmodifyTimestamp:
20111104121347ZpwdHistory:: REMOVED for e-mail

On Fri, Nov 4, 2011 at 9:01 AM, Emmanuel Lecharny <elecharny@gmail.com> wrote:
> On 11/4/11 1:23 PM, Kevin Hamilton wrote:
>>
>> Hey Oliver,
>>
>> Thanks so much for your response. I followed your instructions and
>> still had trouble.
>>
>> I checked the source of the prescriptive ACI in my new entry. The
>> source is below.
>>
>> {
>>     identificationTag "admin2Tag",
>>     precedence 0,
>>     authenticationLevel simple,
>>     itemOrUserFirst userFirst:
>>     {
>>         userClasses
>>         {
>>             name { "uid=admin2,ou=system" }
>>         }
>>         ,
>>         userPermissions
>>         {
>>             {
>>                 protectedItems { allUserAttributeTypesAndValues, entry },
>>                 grantsAndDenials
>>                 {
>>                     grantBrowse,
>>                     grantCompare,
>>                     grantRename,
>>                     grantExport,
>>                     grantRead,
>>                     grantModify,
>>                     grantDiscloseOnError,
>>                     grantFilterMatch,
>>                     grantImport,
>>                     grantAdd,
>>                     grantInvoke,
>>                     grantRemove,
>>                     grantReturnDN
>>                 }
>>             }
>>         }
>>     }
>> }
>>
>>
>> When I try to add this, I get a constraint violation that says ERR_277
>> Attribute userPassword not declared in objectClasses of entry
>> cn=admin2Test,uid=admin2,ou=system
>
> Can you provide the LDIF for this entry ?
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>



-- 
Thanks,
Kevin

Mime
View raw message