domain maintainer unable to write to user accounts
Gavin McCullagh
gavin.mccullagh at gcd.ie
Thu Aug 19 00:55:32 CEST 2010
Hi,
we have a kolab v2.2.4 setup with a main domain and two others. I've
created domain maintainer accounts and set them with access to edit all
three domains. When I edit the non-main domain accounts using the domain
maintainer accounts, some of the time the edit works and some of the time I
get the error:
LDAP Error: Could not modify object cn=XXXXXXXXXXXX,dc=YYYYYYYY,dc=ZZZ: Insufficient access
There seems to be no pattern in which accounts I can and edit and which
I can't. I've looked at slapcat output and the accounts that work look
identical to those which I can't edit.
Does anyone have any suggestions how I might debug this? I'll admit I
don't completely understand the openldap schemas and ACLs so perhaps I'm
missing something important there?
Many thanks in advance for any suggestions,
Gavin
More information about the users
mailing list