I need one specific attribute to be hidden for anyone but one group.
I've tested this one:
(targetattr = "myCustomAttr") (version 3.0; acl "deny all but admins"; deny (all) groupdn != "ldap:///cn=admins,ou=Groups,dc=company,dc=global";)
and seems to work.
Is this the right way to do it?
Can I face any side effects?
I have inherited a 389 LDAP environment, which is running on RHEL
5.5 server. There are two RHEL 5.5 servers in the LDAP environment (389ds1
Currently the directory is only on one system as the replication hasn't
been working for aprox a year (yikes!!!) I am trying to create a
replication agreement between two servers. When I add the replication
agreement I receive an error " LDAP server is unwilling to perform"
My thought is before I introduce a newer version of the LDAP I should try
to get the replication between the two existing servers working.
Any thoughts on where to begin troubleshooting this? I am a 389 LDAP