osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License

Allow anonymous to query ? #186

Open raskyer opened 6 years ago

raskyer commented 6 years ago

Hello,

I'm not especially an LDAP expert but I would like to reproduce a production ldap environment and I don't know how to do it.

So I would like to give anonymous users access to query (search for users, explore the DC, etc.).

Do you have any solution for me? Thank you!

kawaii commented 6 years ago

This is probably what you're looking for,

dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to attrs=userPassword,memberUid
  by dn.exact="cn=readonly,dc=YOURDC" read

Save this file as readonly-acl.ldif, modify the part that says dc=YOURDC to match your own configuration, then run the following command:

ldapmodify -D cn=admin,cn=config -W -f readonly-acl.ldif

rhizoome commented 6 years ago

If I do this, I get either ldap_modify: Insufficient access (50) using my normal admin user's DN.

dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to attrs=userPassword,memberUid
  by dn.exact="cn=readonly,dc=xxxx,dc=ch" read

modifying entry "olcDatabase={1}mdb,cn=config"
ldap_modify: Insufficient access (50)

or ldap_bind: Invalid credentials (49) if I use cn=admin,cn=config

rhizoome commented 6 years ago

The correct way to do this is: ldapmodify -Y EXTERNAL -Q -H ldapi:/// or adding it to /container/service/slapd/assets/config/bootstrap/ldif/custom/

doctorCC commented 6 years ago

Could someone provide a better example? I am new to both Docker and LDAP. 1) How would you specify the ldif file mentioned above? I tried an absolute path on the machine running the docker daemon but it still claimed the file wasn't found. [I figure that it needs to be written inside the Docker container itself] 2) I tried to use 'docker exec my-openldap-container ldapmodify -Y EXTERNAL -Q -H ldapi:///' but did not notice a change afterwards. What should I expect to see different?
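
An added example, not written by anyone in this thread and not the project's own code: a shell sketch of the `ldapmodify -Y EXTERNAL -Q -H ldapi:///` route mentioned above, feeding the LDIF from the host over stdin with `docker exec -i` and using `replace:` with explicit `{n}` indexes so the password rule is evaluated before the anonymous-read rule. The function names, the container name, the suffix and the two-rule ACL set are assumptions for a test environment; `replace:` discards the database's existing olcAccess rules.

```shell
#!/bin/sh
# Added example. Function names and the ACL set are assumptions, not the
# image's defaults; replace: drops whatever olcAccess rules existed before.

# Emit an LDIF for the database entry quoted in the thread. Rule {0} keeps
# userPassword usable for binds but unreadable; rule {1} lets anyone,
# including anonymous clients, read everything else.
render_anon_read_ldif() {
    backend="$1"   # "mdb" or "hdb", matching the DNs shown in the thread
    cat <<EOF
dn: olcDatabase={1}${backend},cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
olcAccess: {1}to * by * read
EOF
}

# Apply LDIF read from stdin inside the container. -i keeps stdin open, so
# the LDIF can come from the host; without it ldapmodify receives no input.
apply_ldif() {
    docker exec -i "$1" ldapmodify -Y EXTERNAL -Q -H ldapi:///
}

# List the ACLs stored in cn=config; run before and after to see the change.
show_acls() {
    docker exec "$1" ldapsearch -Y EXTERNAL -Q -H ldapi:/// -LLL \
        -b cn=config '(olcAccess=*)' dn olcAccess
}

# Anonymous simple bind (-x with no -D): should list entry DNs once the
# new rules are in place.
anon_search() {
    docker exec "$1" ldapsearch -x -H ldap://localhost -LLL \
        -b "$2" '(objectClass=*)' dn
}

# Usage (container name and suffix are placeholders):
#   show_acls my-openldap-container
#   render_anon_read_ldif mdb | apply_ldif my-openldap-container
#   anon_search my-openldap-container dc=example,dc=org
```

After applying, `show_acls` should print the two indexed rules on the database entry, and requesting `userPassword` in an anonymous search should return no values.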