[389-users] ACI woes - not doing what I want it to
Rich Megginson
rmeggins at redhat.com
Mon Jul 12 20:12:56 UTC 2010
Anne (juniper) Cross wrote:
> I have this syntactically correct ACI:
>
> (targetattr = "*")
> (targetfilter="(ou=mailrouting-listserver)")
> (version 3.0;acl "Listserver Administrator";allow (all)
> (userdn = "ldap:///uid=listserve,ou=resource accounts,ou=people,dc=itasoftware,dc=com");)
>
> It's set on the ou=mailrouting-listserver,ou=resource accounts,etc,etc branch.
>
> I can authenticate successfully using the uid=listserve account, but I cannot in fact write or change entries in the ou=mailrouting-listserver branch using the account.
>
> What have I missed?
>
Does it work if you remove the
(targetfilter="(ou=mailrouting-listserver) clause?
More information about the 389-users
mailing list