[Lam-public] "Insufficient Access" trying to add or modify users

Fri, 08 Jul 2011 07:12:28 -0700 

I set this up several weeks ago on a RedHat server along with OpenLDAP. 
Everything was fairly straightforward and it seemed to work fine using POSIX 
type
user entries.  Since then, there's been a general 'yum update' done on the box 
and
now while we can log into the LAM interface and even change the config, we can 
no
longer add or modify users.  From the lamlog:

---
2011-07-07 22:05:39: LDAP Account Manager (e2sqfcmdmn05jmnfolrlsc18g3) - ERROR:
[cn=Some Admin,ou=People,dc=domain,dc=com] Unable to create DN:
cn=JaneTest,ou=People,dc=domain,dc=com (Insufficient access).

2011-07-07 22:07:04: LDAP Account Manager (j5ieo7or3hr9f56jt0cdppg9p1) - ERROR:
[cn=Some Admin,ou=People,dc=domain,dc=com] Unable to modify attribtues from DN:
cn=John Test,ou=People,dc=domain,dc=com (Insufficient access)
---

Here is what I see OpenLDAP logging (beware, I am noob to both LAM and 
OpenLDAP):

---
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 fd=13 ACCEPT from IP=127.0.0.1:58510
(IP=0.0.0.0:389)
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=0 BIND dn="cn=Some
Admin,ou=People,dc=domain,dc=com" method=128
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=0 BIND dn="cn=Some
Admin,ou=People,dc=domain,dc=com" mech=SIMPLE ssf=0
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=0 RESULT tag=97 err=0 text=
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=1 ADD
dn="cn=JaneTest,ou=People,dc=domain,dc=com"
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=1 RESULT tag=105 err=50 text=no 
write
access to parent
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 op=2 UNBIND
Jul  7 22:05:39 ns1 slapd[25872]: conn=29 fd=13 closed
---

Could this be something as simple as file permissions somewhere that got changed
during the update?  OpenLDAP runs as ldap/ldap.  Any assistance appreciated...

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security 
threats, fraudulent activity, and more. Splunk takes this data and makes 
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Lam-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lam-public

Reply via email to