User privileges LDAP scheme

0

I needed to create a user (it's already created) in my LDAP schema, and I want to give that user read/write privileges as if they were the admin, but only for a specific subtree.

The thing is I added an ACL in slapd.conf like this:

access to dn.subtree="dc=domain,dc=com,o=isp" by dn="cn=user,dc=domain,dc=com,o=isp" manage by * none

When I log in to phpLDAPadmin with that user, I can't see anything from the subtree, but I get this message:

o=isp This base entry does not exist. Create it?

That entry actually exists, so something's not working.

If I change the ACL attribute inside slapd.conf to this:

access to * by dn="cn=user,dc=domain,dc=com,o=isp" manage by * none

Then, when I log in, I can see the whole schema and its subtrees, but I only want to give privileges for a specific DN, not the whole schema.

payomeke

Posted 2013-08-26T09:21:00.593

Reputation: 1

Answers

0

I have found the problem.

I changed the following line inside /etc/phpldapadmin/config.php:

$servers->setValue('server','base',array('dc=domain,dc=com,o=isp'));

So now when I log in to phpLDAPadmin I can see the correct subtree schema with the user who has the correct privileges.

payomeke

Posted 2013-08-26T09:21:00.593

Reputation: 1
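
A simplified model of why the first ACL leaves o=isp unreadable for the user while the base DN from the answer works, given as an added example that is not part of the original posts and is not OpenLDAP code. It assumes first-match ACL evaluation with an implicit deny when nothing matches; the helper names (`access`, `visible_bases`) are hypothetical.

```python
# Simplified model of slapd ACL matching (added example, not OpenLDAP code).
# Assumptions: only dn.subtree / "*" targets and exact "by dn" / "*" subjects;
# the first matching "access to" clause decides, and no match means no access.

def norm(dn):
    """Lower-case a DN and strip spaces around RDNs (escaped commas not handled)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def in_subtree(entry, base):
    """True if entry is base itself or lies below it."""
    e, b = norm(entry), norm(base)
    return len(e) >= len(b) and e[len(e) - len(b):] == b

def access(acls, bind_dn, entry):
    """Return the level granted to bind_dn on entry."""
    for target, by_clauses in acls:
        if target != "*" and not in_subtree(entry, target):
            continue  # this clause does not cover the entry
        for who, level in by_clauses:
            if who == "*" or norm(who) == norm(bind_dn):
                return level
        return "none"  # clause covered the entry but no "by" matched
    return "none"      # no clause covered the entry: implicit deny

USER = "cn=user,dc=domain,dc=com,o=isp"
SUBTREE = "dc=domain,dc=com,o=isp"

# First ACL from the question: manage on the subtree only.
ACL_SUBTREE = [(SUBTREE, [(USER, "manage"), ("*", "none")])]
# Second ACL from the question: manage on everything.
ACL_ALL = [("*", [(USER, "manage"), ("*", "none")])]

def visible_bases(acls, bind_dn, bases):
    """Which candidate phpLDAPadmin base DNs the bind DN can open."""
    return [b for b in bases if access(acls, bind_dn, b) != "none"]

if __name__ == "__main__":
    for name, acls in (("subtree ACL", ACL_SUBTREE), ("wildcard ACL", ACL_ALL)):
        print(name, visible_bases(acls, USER, ["o=isp", SUBTREE]))
```

With the subtree ACL only `dc=domain,dc=com,o=isp` is usable as a base, which matches the change made in config.php; the wildcard ACL makes `o=isp` usable too, at the cost of granting manage on the whole tree.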