Hi Jeroen, Here is an example how to add the administrativeRole: http://directory.apache.org/apacheds/1.5/32-basic-authorization.data/authz_sevenSeas.ldif
In the "Basic Users Guide" there are some examples how to set up authorization: http://directory.apache.org/apacheds/1.5/32-basic-authorization.html Kind Regards Stefan Jeroen Vriesman schrieb: > Hi, > > thanks, this it doesn't complain about the syntax anymore. > > now it wants an "administrativeRole", which I would like to set to > "accessControlSpecificArea" > > In the doc's I can only find how to do that programmatically, but I'm not > java programmer, what would be the ldif for such an operation? > > thanks, > Jeroen. > > > On Thu, May 22, 2008 at 2:26 PM, Emmanuel Lecharny <[EMAIL PROTECTED]> > wrote: > > >> Sorry, I forgot to add the " around enableSearchForAllUsers in the >> prescriptiveACI attribute. Try this : >> >> dn: cn=enableSearchForAllUsers,dc=example,dc=com >> cn: enableSearchForAllUsers >> objectClass: top >> objectClass: subentry >> objectClass: accessControlSubentry >> subtreeSpecification: {} >> prescriptiveACI: { identificationTag "enableSearchForAllUsers", precedence >> 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { >> allUsers }, userPermissions { { protectedItems {entry, >> allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, >> grantReturnDN, grantBrowse } } } } } >> >> >> >> >> Jeroen Vriesman wrote: >> >> >>> Hi, >>> >>> this gives me: >>> >>> adding new entry "cn=enableSearchForAllUsers, o=hivos" >>> ldap_add: Invalid syntax (21) >>> additional info: failed to add entry >>> cn=enableSearchForAllUsers,o=hivos: >>> Attribute value '{ identificationTag enableSearchForAllUsers, precedence >>> 14, >>> authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { >>> allUsers }, userPermissions { { protectedItems {entry, >>> allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, >>> grantReturnDN, grantBrowse } } } } }' for attribute 'prescriptiveaci' is >>> syntactically incorrect >>> >>> >>> any idea why? >>> >>> On Thu, May 22, 2008 at 1:33 PM, Emmanuel Lecharny <[EMAIL PROTECTED]> >>> wrote: >>> >>> >>> >>> >>>> Jeroen Vriesman wrote: >>>> >>>> >>>> >>>> >>>>> Hi all >>>>> >>>>> I was looking at the howto: >>>>> http://directory.apache.org/apacheds/1.5/enablesearchforallusers.html >>>>> >>>>> it has a link to >>>>> enableSearchForAllUsers.ldif< >>>>> >>>>> http://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=DIRxSRVx11&title=enableSearchForAllUsers.ldif&linkCreation=true&fromPageId=55229 >>>>> >>>>> >>>>> >>>>>> which >>>>>> >>>>>> >>>>>> >>>>> points to a wiki, but I cannot find the ldif files of the example >>>>> authentication configurations. >>>>> >>>>> Does anyone here have a link to the ldif files? >>>>> >>>>> cheers, >>>>> Jeroen. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> It seems that the link is broken. Can you fill a JIRA so that we remember >>>> to fix it ? >>>> >>>> Here is the LDIF file, just in case : >>>> >>>> dn: cn=enableSearchForAllUsers,dc=example,dc=com >>>> cn: enableSearchForAllUsers >>>> objectClass: top >>>> objectClass: subentry >>>> objectClass: accessControlSubentry >>>> subtreeSpecification: {} >>>> prescriptiveACI: { identificationTag enableSearchForAllUsers, precedence >>>> 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses >>>> { >>>> allUsers }, userPermissions { { protectedItems {entry, >>>> allUserAttributeTypesAndValues}, grantsAndDenials { grantRead, >>>> grantReturnDN, grantBrowse } } } } } >>>> >>>> >>>> -- >>>> -- >>>> cordialement, regards, >>>> Emmanuel Lécharny >>>> www.iktek.com >>>> directory.apache.org >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >> -- >> -- >> cordialement, regards, >> Emmanuel Lécharny >> www.iktek.com >> directory.apache.org >> >> >> >> > >
