AACLS Download and quick install guide


In order to use the AACLS backend, you'll have to:

  • Download the OpenLDAP server package (OpenLDAP version 2.2.23)
  • Download the corresponding AACLS OpenLDAP patches here

Compilation steps

Once you have retrieved the two packages, untar them and apply the AACLS patches to the OpenLDAP server source tree with the following command (run from the OpenLDAP source root):

patch -p1 < ../patch-0.7

Configure the package with the aacls backend enabled:

./configure --enable-aacls [your other options] 

If you have trouble with the install.sh script, upgrade your autoconf tool and regenerate the configure script with

or use the following command:

touch build/install.sh

Compile and install the package:

 make depend && make && make install 

Once the package is successfully built and installed, you have to configure the OpenLDAP server.

The OpenLDAP configuration file is located in


In order to activate the aacls backend, you will have to add the following lines to the configuration file:

  • Tell slapd to use the aacls interface:
    database        aacls
  • Tell slapd the database suffix:
    suffix          "dc=openldap,dc=org"
  • Tell slapd which DN to use for accessing the real LDAP server (the one without access control):
    binddn          "cn=admin,dc=openldap,dc=org"
  • The password for the above DN:
    bindpw          "xxxxxxxx"
  • The base DN where the ACLs are stored in the real LDAP server:
    base            "ou=AACL,dc=openldap,dc=org"
  • The real LDAP server address and port to connect to:
    uri             ldap://ldap-orig:389/ 
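
The section above keeps bindpw in clear text in slapd.conf and points the backend at a plain ldap:// URI, so the file is worth checking before slapd is started. The shell function below is an added example, not part of the AACLS patches or of OpenLDAP; the function names and finding labels are hypothetical, and it assumes the backend binds to the URI exactly as written (no StartTLS).

```shell
#!/bin/sh
# Added example (not from the AACLS distribution): audit the "database aacls"
# section of a slapd.conf. Prints one finding per line; returns 1 if any.
audit_aacls_conf() {
    conf=$1; rc=0
    [ -f "$conf" ] || { echo "MISSING: $conf"; return 1; }

    # Keep only the directives of the aacls section (it ends at the next
    # "database" line) and strip the double quotes around values.
    section=$(awk '
        $1 == "database" { in_aacls = ($2 == "aacls"); next }
        in_aacls && $1 !~ /^#/ && NF >= 2 { gsub(/"/, "", $2); print $1, $2 }
    ' "$conf")

    # Every directive listed in the guide must be present.
    for d in suffix binddn bindpw base uri; do
        printf '%s\n' "$section" | grep -q "^$d " || { echo "UNSET: $d"; rc=1; }
    done

    # bindpw is stored in clear: the file must not be readable by "other".
    if printf '%s\n' "$section" | grep -q '^bindpw ' &&
       [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "PERMS: $conf holds bindpw and is world-readable"; rc=1
    fi

    # Assumption: with a plain ldap:// uri the bind is not encrypted.
    uri=$(printf '%s\n' "$section" | awk '$1 == "uri" { print $2 }')
    case $uri in
        ldap://*) echo "CLEARTEXT: $uri exposes binddn/bindpw on the wire"; rc=1 ;;
    esac
    return $rc
}

# Writes the guide's example section to the given path (values from this page).
write_sample_conf() {
    cat > "$1" <<'EOF'
database        aacls
suffix          "dc=openldap,dc=org"
binddn          "cn=admin,dc=openldap,dc=org"
bindpw          "xxxxxxxx"
base            "ou=AACL,dc=openldap,dc=org"
uri             ldap://ldap-orig:389/
EOF
}
```

Source the file and run audit_aacls_conf against $prefix/etc/openldap/slapd.conf; a PERMS finding is cleared by restricting the file to the account that runs slapd (for example mode 600).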

Once the configuration file is customised to your liking, you can start the OpenLDAP server with the following command line:

$prefix/bin/slapd -f $prefix/etc/openldap/slapd.conf 
