Hi,
Well, I'm having a little trouble with (perl-ldap)->search. Actually,
I don't know if the issue resides on this search method. I have a LDAP
data base managed by OpenLDAP. I've an organizational subtree called
ou=Management,dc=Department,dc=Institution. In slapd.conf I've
permissions like these:
access to dn=".*ou=Management,dc=Department,dc=Institution"
by anonymous auth
by dn="cn=Manager,ou=Administration,dc=Department,dc=Institution"
+wrscx
by dn=".*,dc=Department,dc=Institution" =r
by self write
The problem is: I cannot access (lets say, read) the complete subtree
entries (from ou=Management,dc=Department,dc=Institution) using
cn=Manager,ou=Administration,dc=Department,dc=Institution as the
binder DN. Yet, using the main OpenLDAP manager DN
(cn=root,dc=Department,dc=Institution) I can read all the subtree
entries (entries I mean by leaf DNs, subtree DNs and their leaf DNs,
and so on), using the same perl code of course.
( seach query: $ldap->search(base=>$SubtreeDN, scope=>'sub',
filter=>"(objectclass=*)"); )
Could anyone give any suggestion/idea on what could be going on, please?
Thanks in advance,
--
Relho de Couro
