Glenn wrote: > I'm trying to establish an ACI for directory administrators in Fedora > Directory 1.0.3. In the directory console, I right-click the OU and > select "Set Access Permissions". I visit each tab in the visual editor and > enter the correct users, rights, targets, hosts and times. After saving, the > OU shows one ACI. Then I log in to the web-based Directory Server Gateway as > one of the users specified in the ACI, but I am unable to edit another user's > directory attributes. The error message is: > > "An error occurred while contacting the LDAP server. > (Insufficient access - Insufficient 'write' privilege to the 'roomNumber' > attribute of entry 'uid=tsmith,ou=main,ou=people,dc=txwes,dc=edu'. ) > > You do not have sufficient privileges to perform the operation." > > I checked all the inherited ACIs on the OU, and no rights are denied. What > else should I look at? Thanks. -Glenn. > It would be very helpful if you could post the acis you have: ldapsearch -x -D "cn=directory manager" -w password -s sub -b "dc=your, dc=suffix" "aci=*" aci > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071205/f7e71605/attachment.bin
