On Friday 07 March 2008 00:18:13 Rick Stevens wrote:
> Ok, I found the glitch. The slapd.conf file doesn't really "ignore"
> lines starting with a "#".
It does. But, if you have a single statement running over multiple lines, the
*first* line that doesn't start with a leading space terminates the
statement. Always consider how a statement would look if you wrote it on one
line, e.g.:
access to attrs=userPassword
by cn=root,dc=mydomain,dc=com write
# by group="cn=Account Admins,dc=mydomain,dc=com write
by self write
by * auth
is going to end up terminating at the # ...
I note that no comment lines appeared in the ACLs you posted ... if you had
included the exact contents, this could probably have been resolved a lot
sooner ...
Regards,
Buchan
