ldap_modify: Other (e.g., implementation specific) error (80), <olcAccess> handler exited with 1

openldap

When modifying the Open-LDAP configuration using:

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to *
 by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" write
 by * none

I get the error:

ldap_modify: Other (e.g., implementation specific) error (80)
    additional info: <olcAccess> handler exited with 1

This is because the line continuation in the ldif file removes the first space and the attribute is considered to be: {0}to *by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" writeby * none (which is invalid)

So, put an extra space in front of the line continuations:

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to *
  by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" write
  by * none

Keep in mind that this error is thrown when your olcAccess statement has other syntax problems, too. For instance, I used a keyword in one of my 'by' clauses that didn't belong there and rather than telling me "you can't use 'UID' here" it kept saying "slapd: line 0: expecting 'access' got [my DN]". The errors for this thing are obtuse.

Related

CDN: How is it possible that my DNS delivers a different IP depending on the visitors location?
Cooling for a small server room
Force Windows Server 2008 to use legacy BIOS bootloader instead of EFI
How to disable or remove the YaraScanService (MRT.app)?
Keyboard shortcuts with a single key?
Unhide invisible files from the command line
Early 2013 Macbook Pro with 4K
How to obtain Bluetooth ID (OS X)
What words trigger the screen effects in iMessage?
How do I permanently disable Notification Center in Mavericks?
Replacing rubber spring/cup under Tab key cap
Macbook Pro Mid 2010 NVIDIA GeForce GT 330M random glitch showing when scrolling, writing or watching videos