directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Prokopiev <>
Subject Re: How to disable anonymous access for embedded ApacheDS
Date Fri, 23 Nov 2012 07:50:39 GMT
The problem is \"enableSearchForAllUsers\" substring, backslashes are not

Now I have another problem:

$ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif
Enter LDAP Password:
adding new entry "cn=enableSearchForAllUsers,dc=home"
ldap_add: No such attribute (16)
        additional info: NO_SUCH_ATTRIBUTE: failed for     Add Request :
    dn: cn=enableSearchForAllUsers,dc=home
    objectClass: top
    objectClass: subentry
    objectClass: accessControlSubentry
    cn: enableSearchForAllUsers
    prescriptiveACI: { identificationTag "enableSearchForAllUsers",
precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: {
userClasses { allUsers }, userPermissions { { protectedItems {entry,
allUserAttributeTypesAndValues}, grantsAndDenials { grantRead,
grantReturnDN, grantBrowse } } } } }
    administrativeRole: accessControlSpecificArea
    subtreeSpecification: {}
: Administration point 0.9.2342.19200300.100.1.25=home does not contain an
administrativeRole attribute! An administrativeRole attribute in the
administrative point is required to add a subordinate subentry.

Which entry must contain administrativeRole attribute? Which objectClass
defines this attribute?

Eugene Prokopiev

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message