Re: accessControlEnabled in server.xml does not seem to be working

Tue, 02 Sep 2008 06:51:59 -0700 

Hi !

Brian Burch wrote:
I started converting my existing LDAP directory from fedora DS (originally netscape then iPlanet) to apacheDS 1.5.3 about 2 weeks ago (using the deb). I've worked my way around several deficiencies in the working copies of the documentation and intend to report them individually once my system is running and I'm confident I know what I am talking about... 
Many thanks ! The doco is certainly far away from being perfect ... :/



I have my own directory running and have created all of my objects, 
some of which are fairly complex and involved extending the schema. I 
work entirely with ldif files because I can keep copies for 
documentation and I tend to distrust guis.



I have just defined an accessControlSpecific area for the root of my 
directory. I have also defined the two examples from your web site: 
enableSearchForAllUsers and allowSelfAccessAndModification.



I modified my server.xml to set accessControlEnabled true (the sample 
is set to false by default). When I restarted the server process, it 
does not log anything about the state of this particular property. 
However, I noticed following message in the log:



[08:24:45] INFO [org.apache.directory.server.configuration.ApacheDS] - 
Set the allowAnonymousAccess flag to false



This is puzzling me because I didn't change the 
defaultDirectoryService property allowAnonymousAccess from its 
as-shipped value of true!



Am I correct in concluding that BOTH these properties are not being 
set by my server.xml? Is this a bug, or has their location changed 
with 1.5.3?


Any clues would be appreciated,



The best would be for us to have a copy of your configuration and LDIF 
files ( if there nothing confidential about of course). Also note that 
we are currently working on releasing a 1.5.4 version very soon (it's a 
matter of days), so if there are important bugs in this area, it's the 
perfect timing to fix them right now.


Waiting to get more infor from your part.

And thanks for using ADS, btw !

--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
























					Reply via email to