[Freeipa-users] Getting ACL Syntax Error(-5)
Deepak Dimri
deepak_dimri at hotmail.com
Wed Aug 31 09:49:28 UTC 2016
Hi All,I am getting ACL Syntax Error(-5) when trying to add ACI to my freeIPA server. Any idea why i am getting this error?
This is the error i am getting:
ldap_modify: Invalid syntax (21)
additional info: ACL Syntax Error(-5):(targetattr=\22userclass\22)(targetfilter=\22(objectclass=ipahost)\22)(version3.0; acl \22permission:Allow admin to modify hosts membership within permitted hostgroups\22; allow (write) groupdn =\22ldap:///cn=testadmingroup,cn=groups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com\22;)
my ldif entries:
dn: cn=computers,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com
add: aci
aci: (targetattr = "userclass")(targetfilter = "(objectclass=ipahost)")(version3.0;acl "permission:Allow admin to modify hosts membership within permitted hostgroups";allow (write) groupdn ="ldap:///cn=testadmingroup,cn=groups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com";)
Also, one general question i should be able to view the ACI under freeIPA permission tab once it gets created correct?
Thanks & regards,Deepak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160831/ba01dcce/attachment.htm>
More information about the Freeipa-users
mailing list