[Fedora-directory-users] ACIs Don't Work?
Rich Megginson
rmeggins at redhat.com
Wed Dec 5 15:18:53 UTC 2007
Glenn wrote:
> I'm trying to establish an ACI for directory administrators in Fedora
> Directory 1.0.3. In the directory console, I right-click the OU and
> select "Set Access Permissions". I visit each tab in the visual editor and
> enter the correct users, rights, targets, hosts and times. After saving, the
> OU shows one ACI. Then I log in to the web-based Directory Server Gateway as
> one of the users specified in the ACI, but I am unable to edit another user's
> directory attributes. The error message is:
>
> "An error occurred while contacting the LDAP server.
> (Insufficient access - Insufficient 'write' privilege to the 'roomNumber'
> attribute of entry 'uid=tsmith,ou=main,ou=people,dc=txwes,dc=edu'. )
>
> You do not have sufficient privileges to perform the operation."
>
> I checked all the inherited ACIs on the OU, and no rights are denied. What
> else should I look at? Thanks. -Glenn.
>
It would be very helpful if you could post the acis you have:
ldapsearch -x -D "cn=directory manager" -w password -s sub -b "dc=your,
dc=suffix" "aci=*" aci
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20071205/f7e71605/attachment.bin>
More information about the 389-users
mailing list