Openldap - slap_access_allowed: auth access denied by =0 - Not able to authenticate user

Solution 1:

First, looks like you're sending your password over the wire in clear text. Don't do that. Get some kind of TLS going, either starttls or LDAPS.

Also, dn.base="" and dn.base="cn=Subschema" are generally controlled by a different backend than the one you'll be applying ACLs to, so you might want to check if you even need those lines where you're putting them.

To your actual question: OpenLDAP ACLs are a first match wins situation. Also, all lines end in an implied by * none. So, olcAccess: to * by dn="cn=webadm,dc=webADM" write is effectively olcAccess: to * by dn="cn=webadm,dc=webADM" write by * none, which means that your following line never gets parsed because you've already had a match. (Flow control can change things, but you probably don't need it yet.)

Standard:

olcAccess: to *
  by dn="cn=webadm,dc=webADM" write
  by self write
  by users read
  by anonymous auth

Flow Control:

olcAccess: to *
  by group.exact="cn=ldap-admins,ou=groups,dc=example,dc=com" write
  by group.exact="cn=ldap-servers,ou=groups,dc=example,dc=com" read
  by dn.exact="cn=webadm,ou=users,dc=example,dc=com" write
  by * break
olcAccess: to attrs=userPassword
  by self write
  by * auth
olcAccess: to attrs=member
  by set="this/owner & this/owner/member* & user" write
  by users read
olcAccess: to *
  by self write
  by users read
  by anonymous auth

(Yes, you could make your webadm part of ldap-admins, but really there's so much I don't know about what you're doing or the scope of your system. I also threw in the best common use of sets as an example in case that's handy at some point.)
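The first-match-wins and "break" behaviour described above, as an added Python model that is not part of the original answer and is not slapd's own code. It evaluates the asker's single "to * by dn=... write" line and the "Flow Control" set side by side; the set="..." rule for member is left out, and the group membership and DNs are constructed test data.

```python
# Added example, not from the original answer: a small model of how slapd walks
# olcAccess clauses. Within a clause the first matching <who> decides, a clause
# with no matching <who> ends in the implied "by * none", and "break" moves on
# to the next clause. Group membership and DNs below are constructed test data.
LEVELS = ["none", "auth", "compare", "search", "read", "write", "manage"]
WEBADM = "cn=webadm,ou=users,dc=example,dc=com"
GROUPS = {  # constructed directory state: group DN -> member DNs
    "cn=ldap-admins,ou=groups,dc=example,dc=com": {"cn=alice,ou=users,dc=example,dc=com"},
    "cn=ldap-servers,ou=groups,dc=example,dc=com": {"cn=web01,ou=hosts,dc=example,dc=com"},
}
DEFAULT_TAIL = [("self", None, "write"), ("users", None, "read"), ("anonymous", None, "auth")]
# The asker's setup as the answer describes it: "to * by dn=... write" with nothing after it.
BROKEN_ACLS = [("*", [("dn.exact", WEBADM, "write")]), ("*", DEFAULT_TAIL)]

# The answer's "Flow Control" set (the set="..." rule for member is left out).
FLOW_CONTROL_ACLS = [
    ("*", [("group.exact", "cn=ldap-admins,ou=groups,dc=example,dc=com", "write"),
           ("group.exact", "cn=ldap-servers,ou=groups,dc=example,dc=com", "read"),
           ("dn.exact", WEBADM, "write"),
           ("*", None, "break")]),
    ("userPassword", [("self", None, "write"), ("*", None, "auth")]),
    ("*", DEFAULT_TAIL),
]

WHO = {  # <who> keyword -> predicate(arg, requester, target_dn); requester None = anonymous
    "*": lambda a, r, t: True,
    "anonymous": lambda a, r, t: r is None,
    "users": lambda a, r, t: r is not None,
    "self": lambda a, r, t: r is not None and r == t,
    "dn.exact": lambda a, r, t: r == a,
    "group.exact": lambda a, r, t: r in GROUPS.get(a, set()),
}

def access_level(acls, requester, target_dn, attr):
    """Level slapd would grant on attr of target_dn, walking the clauses in order."""
    for what, by_list in acls:
        if what != "*" and what != attr:
            continue                   # this clause's <what> does not cover the request
        for kind, arg, level in by_list:
            if WHO[kind](arg, requester, target_dn):
                if level == "break":
                    break              # leave this clause, keep walking the list
                return level           # first match wins; later <by> lines are never read
        else:
            return "none"              # no <who> matched: the implied "by * none"
    return "none"                      # no clause matched at all

def allowed(acls, requester, target_dn, attr, wanted):
    """Levels are cumulative: write implies read, read implies auth, and so on."""
    return LEVELS.index(access_level(acls, requester, target_dn, attr)) >= LEVELS.index(wanted)
```

Against a real server the same questions are answered by slapacl(8), for example slapacl -F /etc/ldap/slapd.d -D "cn=webadm,ou=users,dc=example,dc=com" -b "cn=bob,ou=users,dc=example,dc=com" userPassword/write.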