Hello.

I have a problem I can't manage with. Just started using LDAP (slapd) and have problem with configuration file. I want to restrict access for user student1 for tree(book) and its subtree. Structure of my root is:
dc=sk,dc=tes,dc=edu,dc=pl
In this i have two ou, one of them (users) has user student1. And I want to allow student1 to access second one(book).

This entry:
Code:
access to dn.subtree="dc=sk,dc=tes,dc=edu,dc=pl"
        by dn="uid=student1,ou=users,dc=sk,dc=tes,dc=edu,dc=pl" read
        by anonymous auth
        by * none
works fine, but of course it allows user to have access to everything. But when I'm trying this:

Code:
access to dn.subtree="ou=book,dc=sk,dc=tes,dc=edu,dc=pl"
        by dn="uid=student1,ou=users,dc=sk,dc=tes,dc=edu,dc=pl" read
        by anonymous auth
        by * none
It doesn't work and ldepsearch (ldapsearch -x -D 'uid=student1,ou=users,dc=sklab,dc=tes,dc=edu,dc=pl' -W) return me "32 No such object".

What am I doing wrong?

Thanks for help and sorry for my english.