Copy of email I sent to Nathan (his email reached me first).

If you bind as "cn=root,dc=tontoapache,dc=com", you shouldn't have any
problems changing things.

ldapmodify -x -h localhost \
  -D "cn=root,dc=tontoapache,dc=com" \
  -W -f /tmp/changes.ldif

thus the changes in /tmp/changes.ldif should work.

It really helps clarify things when you learn to use the command line
client tools first (ldapadd/ldapmodify/ldapsearch) before you go jumping
into gui tools.

Anyway, you have no ACL's at all so the only one who is allowed access
is going to be the rootdn. If you add (see below for location)...
(note that the ACL I included is just 1 of many).

Craig

On Tue, 2006-05-16 at 09:25 -0700, Nathan England wrote:
> This is my entire slapd.conf file, I found one of the articles from LJ and
> I'm going to make some changes to it following their example.
>
> nathan
>
>
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/samba.schema
> # Define global ACLs to disable default read access.
----
# the following allows version 2 binds (some clients
# like mail clients still use v2 binds) and the second
# argument allows anonymous binds
# allow bind_v2 bind_anon_dn
----
>
----
# very helpful for logging
# loglevel 256
#
#
# if you add something like this to your syslog.conf
#
# local4.* /var/log/slapd.log
#
----
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> pidfile /var/run/slapd.pid
> argsfile /var/run/slapd.args
>
> # Load dynamic backend modules:
> modulepath /usr/sbin/openldap
> moduleload back_bdb.la
> moduleload back_ldap.la
> moduleload back_ldbm.la
> moduleload back_passwd.la
> moduleload back_shell.la
----
# ACL's
#
# the following allows all to read and write (probably bad)
#
# access to * by * write
#
# allow everybody to try to bind
access to attrs=userPassword,sambaNTPassword,sambaLMPassword
    by dn.exact="uid=Administrator,ou=People,dc=azapple,dc=com" write
    by self write
    by anonymous auth
    by * none
#
----
>
> #security ssf=1 update_ssf=112 simple_bind=64
>
> #######################################################################
> # BDB database definitions
> #######################################################################
>
> database bdb
> suffix "dc=tontoapache,dc=com"
> rootdn "cn=root,dc=tontoapache,dc=com"
> rootpw {SSHA}g3hhl8wBhHKNd6TylI2F6ZLfuAaJrXem
> directory /var/lib/openldap/openldap-data
>
> # Indices to maintain
> index objectClass eq
> index cn pres,sub,eq
> index sn pres,sub,eq
> index uid pres,sub,eq
> index displayName pres,sub,eq
> index sambaSID eq
> index sambaPrimaryGroupSID eq
> index sambaDomainName eq
> index default sub
>
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
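
An added example, not part of the original thread and not OpenLDAP code: a small audit of slapd.conf text that reports what the "by *" clause ends up granting, for the two situations in the message above (no access directives at all, and the password-attribute ACL). It assumes each <what> is a single token and that DNs contain no spaces; the function names are hypothetical and SAMPLE is constructed.

```python
import re

PASSWORD_ATTRS = ("userPassword", "sambaNTPassword", "sambaLMPassword")
SAFE_LEVELS = {"none", "disclose", "auth"}

# Constructed sample: the thread's password ACL followed by a catch-all read rule.
SAMPLE = """\
access to attrs=userPassword,sambaNTPassword,sambaLMPassword
    by dn.exact="uid=Administrator,ou=People,dc=azapple,dc=com" write
    by self write
    by anonymous auth
    by * none
access to * by * read
"""

def directives(conf_text):
    """Unwrap continuation lines (leading whitespace), then drop comments and blanks."""
    logical = []
    for raw in conf_text.splitlines():
        if raw[:1] in (" ", "\t") and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.rstrip())
    return [l.split() for l in logical if l.strip() and not l.startswith("#")]

def everyone_level(acl):
    """Level of the 'by *' clause; a list without one ends in an implicit 'by * none'."""
    clauses = re.findall(r"\bby\s+(\S+)\s+(\S+)", " ".join(acl[3:]))
    return dict(clauses).get("*", "none")

def audit(conf_text):
    """Return findings on write access and on who can reach the password attributes."""
    findings = []
    acls = [d for d in directives(conf_text) if d[0] == "access" and len(d) > 2]
    if not acls:
        findings.append("no-acl: updates limited to rootdn, default read policy applies")
        acls = [["access", "to", "*", "by", "*", "read"]]  # default per slapd.access(5)
    level = {}  # first matching rule wins, so record each attribute only once
    for acl in acls:
        what, lvl = acl[2], everyone_level(acl)
        if what == "*" and lvl in ("write", "manage"):
            findings.append("world-writable: access to * by * " + lvl)
        m = re.match(r"attrs?=(.+)", what)
        covered = m.group(1).split(",") if m else PASSWORD_ATTRS if what == "*" else ()
        for attr in covered:
            level.setdefault(attr, lvl)
    exposed = [a for a in PASSWORD_ATTRS if level.get(a, "none") not in SAFE_LEVELS]
    return findings + (["password-attrs-readable-by-all: " + ",".join(exposed)] if exposed else [])
```

Only the "by *" clause is evaluated, so a rule such as "by users read" is not reported; rule order matters because slapd stops at the first <what> that matches.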