I needed to create a user (it's already created) in my LDAP schema and want to give that user read/write privileges as if they were the admin, but just for a specific subtree.
The thing is I added an ACL in slapd.conf like this:
access to dn.subtree="dc=domain,dc=com,o=isp" by dn="cn=user,dc=domain,dc=com,o=isp" manage by * none
When I log in to phpldapadmin with that user, I can't see anything from the subtree, but get the message:
o=isp This base entry does not exist. Create it?
That entry actually exists, so something's not working.
If I change the ACL inside slapd.conf to this:
access to * by dn="cn=user,dc=domain,dc=com,o=isp" manage by * none
Then, when I log in, I can see the whole schema and subtrees, but I only want to give privileges for a specific dn, not the whole schema.
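Added example, not part of the original question: a simplified Python model of how slapd selects the first matching "access to" clause, applied to the two directives quoted above. It assumes the quoted directive is the only access directive in effect and uses constructed entry names; under the subtree-scoped rule the o=isp entry itself falls to the implicit deny, so a client that starts browsing at o=isp cannot read it.

```python
# Added example: simplified model of slapd first-match ACL selection.
# Assumption: the directive under test is the only "access to" line in effect.
# DN handling is simplified (no escaped commas, no attribute-level rules).

def norm(dn):
    """Lower-case a DN and strip spaces around its RDNs."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def in_subtree(entry, base):
    """dn.subtree scope: the base entry itself plus everything below it."""
    entry, base = norm(entry), norm(base)
    return entry == base or entry.endswith("," + base)

def access_level(acl, entry, who):
    """Level granted to `who` on `entry` by the first matching clause."""
    for what, by_clauses in acl:
        if what == "*" or in_subtree(entry, what):
            for subject, level in by_clauses:
                if subject == "*" or norm(subject) == norm(who):
                    return level
            return "none"  # implicit trailing "by * none"
    return "none"          # implicit trailing "access to * by * none"

USER = "cn=user,dc=domain,dc=com,o=isp"

# The two directives from the question, as (what, [(who, level), ...]).
ACL_SUBTREE = [("dc=domain,dc=com,o=isp", [(USER, "manage"), ("*", "none")])]
ACL_ALL = [("*", [(USER, "manage"), ("*", "none")])]

# Constructed sample entries: the suffix, an intermediate entry, the
# delegated subtree, the user entry, and a sibling subtree.
ENTRIES = [
    "o=isp",
    "dc=com,o=isp",
    "dc=domain,dc=com,o=isp",
    "cn=user,dc=domain,dc=com,o=isp",
    "dc=other,dc=com,o=isp",
]

def report(acl, who=USER):
    """Map every sample entry to the access level `who` ends up with."""
    return {entry: access_level(acl, entry, who) for entry in ENTRIES}

if __name__ == "__main__":
    for name, acl in (("subtree rule", ACL_SUBTREE), ("access to *", ACL_ALL)):
        print(name)
        for entry, level in report(acl).items():
            print(f"  {level:7} {entry}")
```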