Re: Fine grained access control

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Fine grained access control
Date: Sat, 13 Oct 2012 18:20:25 +0200

On Tue, 2012-09-18 at 11:58 +0200, Richard Pijnenburg wrote:
> First did a ldapsearch based on a part of the search string:
> 
> ldapsearch -x 
> '(&(objectClass=groupOfURLs)(cn=prod)(member=uid=richard,ou=people,dc=ispavailability,dc=com))'
> 
> And i get nothing back.
> 
> If i take out the member part i get this:
> 
> ldapsearch -x '(&(objectClass=groupOfURLs)(cn=prod))'
> 
> dn: cn=prod,ou=isp,ou=acl,dc=ispavailability,dc=com
> objectClass: groupOfURLs
> cn: prod acl
> cn: prod
> memberURL: 
> ldap:///cn=sysadmin,ou=isp,ou=groups,dc=ispavailability,dc=com?member?sub?
> member: uid=richard,ou=people,dc=ispavailability,dc=com
> 
> Any idea what im doing wrong?

I'm not sure but it seems that your LDAP server returns some attribute
values that you cannot search for. This goes beyond what I normally use
LDAP for so I don't think I'm much help here.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Re: Fine grained access control, (continued)

Prev by Date: Re: Issue with libnss-ldap on Debian squeeze, trying anonymous bind with a binddn
Next by Date: Solaris support (Was: release 0.8.11 of nss-pam-ldapd)
Previous by thread: Re: Fine grained access control
Next by thread: filter search limit