OpenLDAP 2.6 - ldap_add: Insufficient access (50)

I am trying to create a password policy container:

# cat /root/add_pwpolicy.ldif
dn: ou=pwpolicy,dc=example,dc=com
objectClass: organizationalUnit

using: ldapadd -Y EXTERNAL -H ldapi:/// -f /root/add_pwpolicy.ldif -v

I keep getting ldap_add: Insufficient access (50) and know I need to create some kind of ACL. Does anybody know how I can create the permissions to enable me to create:

cn=default,ou=pwpolicy,dc=example,dc=com ?

When I use slapcat I see:

olcAccess: {0}to attrs=userPassword by dn="cn=manager,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to attrs=shadowLastChange by self write by * read
olcAccess: {2}to dn.base="" by * read
olcAccess: {3}to * by dn="cn=manager,dc=example,dc=com" write by * read

I am using this as a reference:

OpenLDAP Password Policy Overlay - Tyler’s Guides

After three days of testing I have finally cracked this:

/root/olcaccess.ldif:

dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {4}to dn.entry="ou=pwpolicy,dc=example,dc=com" by users write
olcAccess: {5}to dn.children="ou=pwpolicy,dc=example,dc=com" by users write

# ldapadd -x -D cn=Manager,dc=example,dc=com -y /root/.pass.txt -f /root/olcaccess.ldif

1 Like
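Both posts above come down to how slapd evaluates olcAccess: clauses are tried in {n} order, the first `to` clause whose target (entry plus attribute) matches is the only one consulted, and inside it the first matching `by` fixes the access level. An ldapadd needs write access on the parent's `children` pseudo-attribute and on the new entry's `entry` pseudo-attribute. `ldapadd -Y EXTERNAL -H ldapi:///` run as root binds as `gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth`, which is an authenticated user but not `cn=manager`, so in the question's configuration `{3}to * ... by * read` matches first and grants only read, which is exactly "Insufficient access (50)". The script below is an added example written for this page, not code from OpenLDAP or from either post: it models that evaluation for the styles the question needs (`dn.base`/`dn.exact`, `dn.subtree`, `dn.children`, `attrs=`, and `by *`, `anonymous`, `users`, `self`, `dn=`), runs it over the four clauses from the slapcat output, and compares two placements of a scoped pair of rules for the ldapi root identity: inserted at `{3}` ahead of the `to *` catch-all, and appended at `{4}`/`{5}` behind it. Assumptions: the peercred DN above (what slapd derives for uid 0 over ldapi), a bare `dn=` pattern read as `exact`, and "no clause matched" treated as deny; the rules in `SCOPED` are illustrative, not the poster's.

```python
# Added example: evaluator for a subset of slapd.access(5) olcAccess syntax, modelling
# slapd's rule that the first matching <to> clause decides, then its first matching <by>.
import shlex

LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
# Identity that "ldapadd -Y EXTERNAL -H ldapi:///" binds as when run by root.
LDAPI_ROOT = "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"

def norm(dn):  # case-fold and trim spaces around commas; escaped commas are not handled
    return ",".join(p.strip() for p in dn.lower().split(","))

def parse(clause):
    """'[{n}]to <what> by <who> <level> ...' -> dict; controls (break/stop) are unsupported."""
    toks = shlex.split(clause)
    if not toks[0].endswith("to"):
        raise ValueError("clause must start with [{n}]to: " + clause)
    what, i = {"dn": None, "style": "exact", "attrs": None}, 1
    while i < len(toks) and toks[i] != "by":
        key, _, val = toks[i].partition("=")
        if key.split(".")[0] == "dn":  # dn=, dn.base=, dn.subtree=, ... (bare dn= read as exact)
            what["dn"], what["style"] = norm(val), key.partition(".")[2] or "exact"
        elif key == "attrs":
            what["attrs"] = {a.strip().lower() for a in val.split(",")}
        elif toks[i] != "*":
            raise ValueError("unsupported <what>: " + toks[i])
        i += 1
    bys = []
    while i < len(toks):
        if toks[i] != "by" or i + 2 >= len(toks) or toks[i + 2] not in LEVELS:
            raise ValueError("unsupported <by>: " + " ".join(toks[i:i + 3]))
        bys.append((toks[i + 1], toks[i + 2]))
        i += 3
    return {"what": what, "by": bys, "text": clause}

def target_matches(what, entry_dn, attr):
    if what["attrs"] is not None and attr.lower() not in what["attrs"]:
        return False
    if what["dn"] is None:  # "to *": every entry, every attribute incl. entry/children
        return True
    e, pat, style = norm(entry_dn), what["dn"], what["style"]
    if style in ("base", "exact"):
        return e == pat
    if style in ("sub", "subtree"):
        return e == pat or e.endswith("," + pat)
    if style == "children":
        return e.endswith("," + pat)
    raise ValueError("unsupported dn style: " + style)

def who_matches(who, bind_dn, entry_dn):
    key, _, val = who.partition("=")
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "users":
        return bind_dn is not None
    if who == "self":
        return bind_dn is not None and norm(bind_dn) == norm(entry_dn)
    if key in ("dn", "dn.exact"):
        return bind_dn is not None and norm(bind_dn) == norm(val)
    raise ValueError("unsupported <who>: " + who)

def access(acls, bind_dn, entry_dn, attr):
    """(level, clause text) decided by the first <to> clause that matches the target."""
    for acl in acls:
        if target_matches(acl["what"], entry_dn, attr):
            for who, level in acl["by"]:
                if who_matches(who, bind_dn, entry_dn):
                    return level, acl["text"]
            return "none", acl["text"]  # <to> matched, no <by> did: implicit "by * none"
    return "none", None  # no clause matched: modelled as deny (assumption)

def can_add(acls, bind_dn, new_dn):
    """add needs write (it contains the add privilege) on the parent's 'children' and the new entry's 'entry'."""
    for dn, attr in ((new_dn.partition(",")[2], "children"), (new_dn, "entry")):
        level, clause = access(acls, bind_dn, dn, attr)
        if LEVELS.index(level) < LEVELS.index("write"):
            return False, clause
    return True, None

# The four clauses shown in the question's slapcat output.
PAGE = [
    '{0}to attrs=userPassword by dn="cn=manager,dc=example,dc=com" write by anonymous auth by self write by * none',
    '{1}to attrs=shadowLastChange by self write by * read',
    '{2}to dn.base="" by * read',
    '{3}to * by dn="cn=manager,dc=example,dc=com" write by * read',
]
# Illustrative least-privilege rules for the ldapi root identity (not the poster's): write on the
# base's children (to create the container) and on the pwpolicy subtree; "by * read" keeps the page's default.
SCOPED = [
    'to dn.base="dc=example,dc=com" attrs=children by dn.exact="%s" write by * read' % LDAPI_ROOT,
    'to dn.subtree="ou=pwpolicy,dc=example,dc=com" by dn.exact="%s" write by * read' % LDAPI_ROOT,
]
PAGE_ACLS = [parse(c) for c in PAGE]
FIXED = [parse(c) for c in PAGE[:3] + ["{3}" + SCOPED[0], "{4}" + SCOPED[1], "{5}" + PAGE[3][3:]]]
APPENDED = [parse(c) for c in PAGE + ["{4}" + SCOPED[0], "{5}" + SCOPED[1]]]  # behind "to *"

if __name__ == "__main__":  # show which clause decides the add in each configuration
    for name, acls in (("page", PAGE_ACLS), ("fixed", FIXED), ("appended", APPENDED)):
        print(name, can_add(acls, LDAPI_ROOT, "cn=default,ou=pwpolicy,dc=example,dc=com"))
```

Run as-is, `fixed` reports the add as permitted while `appended` reports it denied by the `{3}to *` clause, because a clause placed after a `to *` catch-all is never reached. To insert at explicit positions, use the same `changetype: modify` / `add: olcAccess` LDIF the answer uses, with `{3}` and `{4}` on the two new values so they land before the catch-all (slapd shifts the existing `{3}` to `{5}`). The script also shows that with the page's original clauses `cn=manager,dc=example,dc=com` already has write under `{3}`, so binding with `-D cn=manager,dc=example,dc=com` instead of `-Y EXTERNAL` is the other way through without touching the ACLs.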

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.