On 05/16/2011 10:13 AM, Stephen Lorenz wrote:
Hi,
We are trying to set up our 389 DS instance and everything
seems to work except that LDAP browsers cannot seem to access
the schema. For example, in the LDAPSort LDAP Admin Tool we
receive the error message:
"Unable to read schema!!" Unable to read schema, please
login/bind with an account which has access to schema - You can
also rebind with any entry using the right-click menu and
selecting rebind.
However, we are not trying to access the
directory anonymously; we receive this error even when binding
as Directory Manager.
We also cannot browser the schema using a standard ldapsearch
command.
Any ideas of how to enable schema reading?
ldapsearch -x -D "cn=directory manager" -W -s base -b "cn=schema"
"objectclass=*" attributeTypes objectClasses matchingRules ......
Look in the directory server access log in
/var/log/dirsrv/slapd-INSTNAME/access
to see what search the client is doing
1) it's not searching cn=schema
2) it's not requesting the attributes attributeTypes objectClasses
etc. explicitly - these attributes are operational attributes and
must be explicitly requested in the ldap search request
Thanks,
Stephen
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
|
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
