Steve, On Sunday, September 12, 2010 07:31:36 pm Steve Langasek wrote: > Can you please run slapd with the argument "-d Conns,Filter,Config,ACL" and > send us the resulting output?
The output is listed below. I do not know much about how ldap works, but I believe this bug is related to http://bugs.debian.org/595539. It is possible that when that bug is closed it will also solve this problem. r...@mail:/home/soren# slapd -d Conns,Filter,Config,ACL @(#) $OpenLDAP: slapd 2.4.23 (Sep 13 2010 07:04:08) $ @borges:/home/devel/openldap/trunk/debian/build/servers/slapd => test_filter PRESENT => access_allowed: search access to "cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "cn=module{0},cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 loaded module back_hdb module back_hdb: null module registered => test_filter PRESENT => access_allowed: search access to "cn=schema,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "cn={0}core,cn=schema,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "cn={1}cosine,cn=schema,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "cn={2}nis,cn=schema,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "cn={3}inetorgperson,cn=schema,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "olcBackend={0}hdb,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 => test_filter PRESENT => access_allowed: search access to "olcDatabase={-1}frontend,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 Backend ACL: access to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * +0 break Backend ACL: access to dn.base="" by * read Backend ACL: access to dn.base="cn=subschema" by * read => test_filter PRESENT => access_allowed: search access to "olcDatabase={0}config,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 Backend ACL: access to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * +0 break /etc/ldap/slapd.d: line 1: warning: cannot assess the validity of the ACL scope within backend naming context => test_filter PRESENT => access_allowed: search access to "olcDatabase={1}hdb,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 Backend ACL: access to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn.base="cn=admin,dc=stoutner,dc=net" write by * none /etc/ldap/slapd.d: line 1: warning: cannot assess the validity of the ACL scope within backend naming context Backend ACL: access to dn.base="" by * read /etc/ldap/slapd.d: line 1: warning: ACL appears to be out of scope within backend naming context Backend ACL: access to * by self write by dn.base="cn=admin,dc=stoutner,dc=net" write by * read /etc/ldap/slapd.d: line 1: warning: cannot assess the validity of the ACL scope within backend naming context index objectClass 0x0004 slapd starting daemon: added 4r listener=(nil) daemon: added 7r listener=0x19c16e0 daemon: added 8r listener=0x19c17a0 daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero daemon: activity on 1 descriptor daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero -- Soren Stoutner Small Business Tech Solutions 623-262-6169 so...@sbtechsolutions.biz www.sbtechsolutions.biz
signature.asc
Description: This is a digitally signed message part.