Open raskyer opened 6 years ago
This is probably what you're looking for,
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to attrs=userPassword,memberUid
by dn.exact="cn=readonly,dc=YOURDC" read
Save this file as readonly-acl.ldif
, modify the part that says dc=YOURDC
to match your own configuration, then run the following command:
ldapmodify -D cn=admin,cn=config -W -f readonly-acl.ldif
If I do this, I get either ldap_modify: Insufficient access (50) using my normal admin users DN.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to attrs=userPassword,memberUid
by dn.exact="cn=readonly,dc=xxxx,dc=ch" read
modifying entry "olcDatabase={1}mdb,cn=config"
ldap_modify: Insufficient access (50)
or ldap_bind: Invalid credentials (49)
if I use cn=admin,cn=config
The correct way to do this is: ldapmodify -Y EXTERNAL -Q -H ldapi:///
or adding it to /container/service/slapd/assets/config/bootstrap/ldif/custom/
Could someone provide a better example, I am new to both Docker and ldap. How would you specify the ldif file mentions above, I tried absolute path on the machine running the docker daemon but it still claimed the file wasn't found. [I figure that it needs to be written inside the Docker container itself] 2) I tried to use 'docker exec my-openldap-container ldapmodify -Y EXTERNAL -Q -H ldapi:///' but did not notice a change afterwards. What should I expect to see different?
Hello,
I'm not especially an LDAP expert but I would like to reproduce a production ldap environment and I don't know how to do it.
So I would like to give access to query to anonymous user. (Search for user, explore dc, etc...).
Do you have any solution for me ? Thank you!