Re: [Fwd] Net::LDAP api talking to Netscape Directory server

[Ron H. <th...@cc...>]

	Source of the problem has been found (I think)...

	ldif file has the following definition

	dn: cn=Directory Manager, o=McGill, c=CA
        cn: Directory Manager
        objectclass: top
        objectclass: groupofuniquenames
        uniquemember: cn=<<<<SOME STUFF>>>

	Where some stuff points to a record no longer in the
	LDAP database <OH>

	This is further confounded by the aci

	aci: (target="ldap:///o=McGill, c = CA") (targetattr = "*")
             (version 3.0; acl "allow all Admin group"; allow(all) 
             groupdn="ldap:cn=Directory Manager,o=McGill,c=CA";)


	Which if I understand it correctly means that only people in the
	admin group and do root dn things and that the admin group (as
	defined by Directory Manager) needs to have a valid user in it

	Either that of make Directory Manager a simple account.


	Am I close?

	r