Results 1 to 10 of 18

Thread: ldap_add: Insufficient access NDS error: no access (-672)

Threaded View

  1. #1
    Join Date
    Nov 2017

    ldap_add: Insufficient access NDS error: no access (-672)

    Hi everyone!

    I'm very new in the management of this software, sorry if i don't explain well...

    I install eDirectory 9.0 SP4 in a Red Hat Enterprise 7.3 in a clean system, no eDirectory installed and any updates, it is an environment test and there is no active firewall.
    I am installing and configuring with root user.

    Then i create a new tree like this:

    ndsconfig new -t TREE -a cn=admin.ou=sa.o=cs -n ou=servers.o=system

    All it's OK.
    Then i install iManager 3.0.4 and i add more "ou" and "objects". All runs OK.

    But now, i want to add a config ldif file (departments.ldif) with the ldapadd tool like this:

    ldapadd -v -H ldap://xxx.xx.x.xxx -v -D cn=admin,ou=users,o=avs -f departments.ldif

    And i get this error: ldap_add: Insufficient access (50)
    additional info: NDS error: no access (-672)

    I make the installation with root and, i guess i have the right permissions.
    I check the lapd.conf:

    cat /etc/openldap/ldap.conf 
    # LDAP Defaults
    # See ldap.conf(5) for details
    # This file should be world readable but not world writable.
    #BASE   dc=example,dc=com
    #URI    ldap://ldap.example.com ldap://ldap-master.example.com:666
    #SIZELIMIT      12
    #TIMELIMIT      15
    #DEREF          never
    #TLS_REQCERT allow
    TLS_CACERTDIR /etc/openldap/cacerts
    # Turning this off breaks GSSAPI used with krb5 when rdns = false
    SASL_NOCANON    on
    URI ldaps://server_IP ldaps://server_IP ldap://server_IP ldaps://server_IP ldap://localhost.localdomain
    BASE dc=test,dc=example,dc=domain,dc=com
    Any idea where I have to check the permits?
    What can i be doing wrong?

    Thanks for any help!
    Last edited by InmaGP; 13-Apr-2018 at 08:30 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts