This application uses OpenLDAP and we had to reconfigure everything (create a new root dn, a binding user ...) but as Murphy's law says, "if anything can go wrong, it will". And I can confirm it happened.
We found out that when we set up access to the LDAP server in slapd.conf, comments (lines starting with #) do not necessarily comment only that line out.
We had some lines as follows:
access to attrs=userPassword,shadowLastChange
    by dn="cn=admin,dc=myserver,dc=com" write
#by dn="uid=cyril,ou=People,dc=myserver,dc=com" write
#by anonymous auth
    by self write
    by * none
You would think that it is equivalent to the following, but it's not:
access to attrs=userPassword,shadowLastChange
    by dn="cn=admin,dc=myserver,dc=com" write
    by self write
    by * none
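According to the slapd config documentation:
Blank lines and comment lines beginning with a '#' character are ignored. If a line begins with white space, it is considered a continuation of the previous line (even if the previous line is a comment).
In our file the "by self write" and "by * none" lines began with white space, so they were joined to the commented-out "#by anonymous auth" line and ignored along with it.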
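The folding rule quoted above can be checked mechanically before slapd is restarted. The following is an added example, not part of the original post or of OpenLDAP: a simplified model of the rule that reports which lines of an access block are really in effect. The function names are hypothetical and the leading spaces on the "by" lines in the sample are an assumption.

```python
# Constructed sample: the page's access block. The leading spaces on the
# "by" lines are an assumption (usual slapd.conf layout).
SAMPLE = '''\
access to attrs=userPassword,shadowLastChange
    by dn="cn=admin,dc=myserver,dc=com" write
#by dn="uid=cyril,ou=People,dc=myserver,dc=com" write
#by anonymous auth
    by self write
    by * none
'''


def fold(text):
    """Join continuation lines BEFORE looking at comments.
    Returns [first_line_no, logical_text, [(line_no, stripped_text), ...]]."""
    logical = []
    for no, raw in enumerate(text.splitlines(), 1):
        if raw[:1].isspace() and logical:      # starts with space or tab
            logical[-1][1] += " " + raw.strip()
            logical[-1][2].append((no, raw.strip()))
        else:
            logical.append([no, raw.rstrip(), []])
    return logical


def effective(text):
    """Logical lines that remain once blank and '#' lines are dropped."""
    return [l[1] for l in fold(text) if l[1] and not l[1].startswith("#")]


def swallowed(text):
    """Physical lines that look live but were folded into a comment."""
    return [c for l in fold(text) if l[1].startswith("#") for c in l[2] if c[1]]


if __name__ == "__main__":
    for line in effective(SAMPLE):
        print("effective:", line)
    for no, txt in swallowed(SAMPLE):
        print(f"line {no} is part of a comment: {txt}")
```

Any line reported by swallowed() is an access clause that appears active in the file but is not applied.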