Running OpenLDAP 2.4.40 under RHEL 6.10
Trying to get this to work without success (from the slapd.access man page):
"One useful application is to easily grant write privileges to an updatedn
that is different from the rootdn.
In this case, since the updatedn needs write access to (almost) all data, one
can use

    access to *
        by dn.exact="cn=The Update DN,dc=example,dc=com" write
        by * break
"

I have this as the only access rule in slapd.conf but any write operation using
this dn gives me insufficient access, and slapacl verifies that read access
only is permitted.

    access to dn.subtree="dc=university,dc=edu"
        by dn.exact="cn=grouper-admin,dc=university,dc=edu" write
        by * break

Standard rootdn works fine. This system is a master for two consumers, but
there's no external access to the master so a stripped-down acl list is
appropriate.
Thanks for any direction for what I've missed.
Peter
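
The evaluation order that the quoted man page passage relies on, as an added example that is not part of the original post and not OpenLDAP code: a simplified Python model of how slapd walks `access to` clauses, with the documented implicit defaults. It assumes only `stop` and `break` controls, `*` and exact-DN `who` fields, no privilege accumulation, and no rootdn bypass; `ENTRY` and `OTHER` are constructed DNs.

```python
# Simplified model of slapd ACL evaluation (added example, not OpenLDAP code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

def norm(dn):
    # Crude DN normalisation: lower-case, drop spaces around RDN separators.
    return ",".join(part.strip().lower() for part in dn.split(","))

def what_matches(what, entry):
    if what == "*":
        return True
    style, base = what  # ("subtree", dn) or ("exact", dn)
    e, b = norm(entry), norm(base)
    return e == b or (style == "subtree" and e.endswith("," + b))

def who_matches(who, bind_dn):
    return who == "*" or norm(who) == norm(bind_dn)

def granted_level(acl, bind_dn, entry):
    """Access level that the rule list grants bind_dn on entry."""
    if not acl:
        return "read"  # documented default when no access directives exist
    for what, by_clauses in acl:
        if not what_matches(what, entry):
            continue
        for who, level, control in by_clauses:
            if not who_matches(who, bind_dn):
                continue
            if control == "break":
                break         # leave this clause, try the next 'access to'
            return level      # 'stop' (the default control)
        else:
            return "none"     # implicit 'by * none' closing every clause
    return "none"             # implicit final 'access to * by * none'

def allowed(acl, bind_dn, entry, wanted):
    return LEVELS.index(granted_level(acl, bind_dn, entry)) >= LEVELS.index(wanted)

# The rule from the post, transcribed into the model's structure.
POSTED_ACL = [
    (("subtree", "dc=university,dc=edu"), [
        ("cn=grouper-admin,dc=university,dc=edu", "write", "stop"),
        ("*", None, "break"),
    ]),
]
ADMIN = "cn=grouper-admin,dc=university,dc=edu"
ENTRY = "uid=jdoe,ou=people,dc=university,dc=edu"     # constructed sample entry
OTHER = "uid=someone,ou=people,dc=university,dc=edu"  # constructed sample identity
```

In this model the posted rule yields `write` for the update DN and `none` for everyone else, while an empty rule list yields `read` for every identity.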