Manualshelf

HP OSMS Blueprint: Directory Services on HP ProLiant Servers with SLES10

ManualsBrandsHP ManualsSoftwareHP Linux Caliper Software Electronic LTU
21222324252627282930
The following output displays:
Compare Result: Insufficient access (50)
UNDEFINED
7. To test the compare privilege of the user 'dc=dn2,dc=example,dc=com' use the
ldapcompare by entering the following:
# /opt/symas/bin/ldapcompare -x -D 'dc=dn2,dc=example,dc=com' \
-w abc123 -h cds_server dc=osm,dc=example,dc=com ou:osm
The return value, TRUE indicates that the user 'dc=dn2,dc=example,dc=com' can perform
the compare operation on the ou attribute of dc=osm,dc=example,dc=com and the value
of the ou attribute is equal to osm.
8. Use the ldapsearch command to verify that the user 'dc=dn2,dc=example,dc=com'
cannot perform the search operation on the specific resource by entering the following:
# /opt/symas/bin/ldapsearch -x -D 'dc=dn2,dc=example,dc=com' \
-w abc123 -h cds_server ou=osm
The following is displayed:
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: ou=osm
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
No DNs are displayed even though the DN 'dc=osm,dc=example,dc=com' with ou equal
to osm does exist in the CDS database, indicating that the user
dc=dn2,dc=example,dc=com is not granted the search privilege.
9. Use the ldapsearch command with the user 'dc=dn3,dc=example,dc=com' to verify
the search privilege has been granted and takes effect:
# /opt/symas/bin/ldapsearch -x -D 'dc=dn3,dc=example,dc=com' \
-w abc123 -h cds_server ou=osm -LLL
The following is displayed:
dn: dc=osm,dc=example,dc=com
objectClass: dcObject
objectClass: organizationalUnit
dc: osm
The DN dc=osm,dc=example,dc=com is searched out but the attributes of ou and
userPassword are not listed because the user 'dc=dn3,dc=example,dc=com' does not
have read privileges on these two attributes.
10. Use the ldapsearch command with 'dc=dn4,dc=example,dc=com' to test the user's
read privilege by entering the following command:
# /opt/symas/bin/ldapsearch -x -D 'dc=dn4,dc=example,dc=com' \
-w abc123 -h cds_server ou=osm -LLL
The following is displayed:
dn: dc=osm,dc=example,dc=com
objectClass: dcObject
30