Suse 9.2 & kdepim & ldap

From(投稿者):	Dirk Dupont <dirk.dupont@advalvas.be>
Newsgroups(投稿グループ):	fj.net.ldap
Subject(見出し):	Suse 9.2 & kdepim & ldap
Date(投稿日時):	Thu, 02 Dec 2004 08:37:56 GMT
Organization(所属):	Telenet Internet
Message-ID(記事識別符号):	(G) <EvArd.7148$jM1.360548@phobos.telenet-ops.be>

From(投稿者):

Dirk Dupont <dirk.dupont@advalvas.be>

Newsgroups(投稿グループ):

fj.net.ldap

Subject(見出し):

Suse 9.2 & kdepim & ldap

Date(投稿日時):

Thu, 02 Dec 2004 08:37:56 GMT

Organization(所属):

Telenet Internet

Message-ID(記事識別符号):

(G) <EvArd.7148$jM1.360548@phobos.telenet-ops.be>

記事全体へのコマンド

Hallo,

I would like to make PIM work completely with a LDAP addressbook. 

Even after giving the world-wide access to everybody to the addressbook
section in my ldap-server it still give me the error "cannot write to
addressbook".

Can anybody help me ?
I included the export of my ldap-db and the slapd.conf


Thanks





dn: dc=my_company,dc=be
objectClass: top
objectClass: dcObject
objectClass: organization
dc: my_company
o: my_company Unlimited

dn: ou=equipment,dc=my_company,dc=be
objectClass: organizationalUnit
ou: equipment
description: IT assets branch 

dn: cn=LPT1,ou=equipment,dc=my_company,dc=be
objectClass: device
cn: LPT1
description: Brother HL-1470
serialNumber: 1-77-23-15
l: Desk
owner: cn=First_Name Last_Name,ou=people,dc=my_company,dc=be
ou: printers

dn: ou=people,dc=my_company,dc=be
objectClass: organizationalUnit
ou: people
description: All people 

dn: cn=First_Name Last_Name,ou=people,dc=my_company,dc=be
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: Last_Name
cn: First_Name Last_Name
mail: dirk.dupont@advalvas.be

dn: ou=addressbook,cn=First_Name Last_Name,ou=people,dc=my_company,dc=be
objectClass: organizationalUnit
ou: addressbook









#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/rfc2307bis.schema
include         /etc/openldap/schema/yast.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args

# Load dynamic backend modules:
modulepath      /usr/lib/openldap/modules
# moduleload    back_ldap.la
# moduleload    back_meta.la
# moduleload    back_monitor.la
# moduleload    back_perl.la

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access to user password
#               Allow anonymous users to authenticate
#               Allow read access to everything else
#       Directives needed to implement policy:
access to dn.base=""
        by * write

access to dn.base="cn=Subschema"
        by * read

access to attr=userPassword,userPKCS12
        by self write
        by * auth

access to attr=shadowLastChange
        by self write
        by * read

# allow read of addressbook by owner and itpeople; no-one else see it
access to dn.base="ou=addressbook,cn=.*,ou=people,dc=my_company,dc=be"
         by * write
#   by anonymous write
#  by dn.exact,expand="cn=$1,ou=people,dc=my_company,dc=be" read
#    attrs=entry
#  by group.exact="cn=itpeople,ou=groups,dc=my_company,dc=be" write
#  by users none

access to *
        by * read

# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
checkpoint      1024    5
cachesize       10000
suffix          "dc=my_company,dc=be"
rootdn          "cn=root,dc=my_company,dc=be"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          secret
# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap
# Indices to maintain
index   objectClass     eq

Fnews-brouse 1.9(20180406) -- by Mizuno, MWE <mwe@ccsf.jp>
GnuPG Key ID = ECC8A735
GnuPG Key fingerprint = 9BE6 B9E9 55A5 A499 CD51 946E 9BDC 7870 ECC8 A735