the branch to which you want to add the prescriptiveACI
add the attribute administrativeRole with the value
accessControlSpecificArea
On Fri, Nov 23, 2012 at 1:20 PM, Eugene Prokopiev <e...@itx.ru> wrote:
> The problem is \"enableSearchForAllUsers\" substring, backslashes are not
> needed.
>
> Now I have another problem:
>
> $ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif
> Enter LDAP Password:
> adding new entry "cn=enableSearchForAllUsers,dc=home"
> ldap_add: No such attribute (16)
> additional info: NO_SUCH_ATTRIBUTE: failed for Add Request :
> ClientEntry
> dn: cn=enableSearchForAllUsers,dc=home
> objectClass: top
> objectClass: subentry
> objectClass: accessControlSubentry
> cn: enableSearchForAllUsers
> prescriptiveACI: { identificationTag "enableSearchForAllUsers",
> precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: {
> userClasses { allUsers }, userPermissions { { protectedItems {entry,
> allUserAttributeTypesAndValues}, grantsAndDenials { grantRead,
> grantReturnDN, grantBrowse } } } } }
> administrativeRole: accessControlSpecificArea
> subtreeSpecification: {}
> : Administration point 0.9.2342.19200300.100.1.25=home does not contain an
> administrativeRole attribute! An administrativeRole attribute in the
> administrative point is required to add a subordinate subentry.
>
> Which entry must contain administrativeRole attribute? Which objectClass
> defines this attribute?
>
> --
> Regards,
> Eugene Prokopiev
>
--
Kiran Ayyagari
http://keydap.com
