LDAP Programming
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me

The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.

Go Back   Dev Shed ForumsDatabasesLDAP Programming
Reload this Page

Ldap_add: Insufficient access (50)


Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old April 28th, 2010, 01:41 PM
dpprgmer dpprgmer is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Apr 2010
Posts: 3 dpprgmer User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 41 m 55 sec
Reputation Power: 0
Unhappy Ldap_add: Insufficient access (50)
I have followed all steps for openldap installation
and was able to succesfully run the slapd daemon
I even added ldapadd -x -D "cn=Manager,dc=mydomain,dc=com" -W -f example.ldif
I added some data using the above command
the contents of example.ldif is

Code:
dn: dc=mydomain,dc=com
objectclass: dcObject
objectclass: organization
o: mydomain
dc: mydomain

dn: cn=Manager,dc=mydomain,dc=com
objectclass: organizationalRole
cn: Manager


Now I am trying to add the file inetorgperson.ldif (available in the schema folder)
to the directory
using the following command
Code:
dapadd -x -D "cn=Manager,dc=mydomain,dc=com" -W -f /usr/local/etc/openldap/schema/inetorgperson.ldif


but I am getting the following error
Code:
Enter LDAP Password:
adding new entry "cn=inetorgperson,cn=schema,cn=config"
ldap_add: Insufficient access (50)


I have added the following statement to slapd.conf
Code:
access to * by * write

to no use
I am not understanding where I am going wrong
not mentioning the rootdn gives an error saying
adding new entry "cn=inetorgperson,cn=schema,cn=config"
ldap_add: Strong(er) authentication required (8)
additional info: modifications require authentication

If anyone has solution to the same
please reply
the contents of my slapd file are
Code:
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/java.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
#include /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args

# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_bdb.la
# moduleload back_hdb.la
# moduleload back_ldap.la

# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

#allow bind_anon_cred
#disallow bind_simple
# Sample access control policy:
#   Root DSE: allow anyone to read it
#   Subschema (sub)entry DSE: allow anyone to read it
#   Other DSEs:
#       Allow self write access
#       Allow authenticated users read access
#       Allow anonymous users to authenticate
#   Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
#access to attrs=userpassword by self =w by anonymous auth
#access to * by self write by users read
access to * by * write
#access to * by dn.base="cn=cosine,cn=schema,cn=config" write
#access to *  by dn.base="cn=inetorgperson,cn=schema,cn=config" write
#by * write
#by users write
#by dn.base="cn=cosine,cn=schema,cn=config" write
#   by self write
#   by users read
#   by anonymous auth
#allow bind_anon_dn
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!  

#######################################################################
# BDB database definitions
#######################################################################

#database   bdb
#suffix     "dc=my-domain,dc=com"
#rootdn     "cn=Manager,dc=my-domain,dc=com"

database bdb
suffix   "dc=mydomain,dc=com"
rootdn   "cn=Manager,dc=mydomain,dc=com"

# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw  secret

#replica host=localhost:389
#binddn "cn=cosine,cn=schema,cn=config"
#bindmethod=simple credentials=secret

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory   /usr/local/var/openldap-data
# Indices to maintain
index   objectClass eq

loglevel 128



Thanks,
Reply With Quote
Reply

Viewing: Dev Shed ForumsDatabasesLDAP Programming > Ldap_add: Insufficient access (50)

« Previous Thread | Next Thread »

Developer Shed Advertisers and Affiliates



Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap