> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > Am 08.07.2011 16:11, schrieb [email protected]: >> 2011-07-07 22:05:39: LDAP Account Manager (e2sqfcmdmn05jmnfolrlsc18g3) - >> ERROR: >> [cn=Some Admin,ou=People,dc=domain,dc=com] Unable to create DN: >> cn=JaneTest,ou=People,dc=domain,dc=com (Insufficient access). > >> Jul 7 22:05:39 ns1 slapd[25872]: conn=29 op=1 ADD >> dn="cn=JaneTest,ou=People,dc=domain,dc=com" >> Jul 7 22:05:39 ns1 slapd[25872]: conn=29 op=1 RESULT tag=105 err=50 text=no >> write >> access to parent > > > looks like your OpenLDAP access rights (ACLs) are not correct. "cn=Some > Admin,ou=People,dc=domain,dc=com" has no more write access to LDAP. > Please check slapd.conf/slapd.d.
If I log in with the rootdn and rootpw as defined in slapd.conf, it works fine. The idea was to have a user that could add/remove/modify LAM users but not do things like change the LAM configuration or do anything else in LDAP. I could have sworn I had that working at one point, without having to add that user to slapd.conf, but just telling LAM under "security settings". ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
