17 Jan
2013
17 Jan
'13
2:51 a.m.
Sorry for the confusion caused by editing what I've copied from the real system before which uses a group for several Samba DC instances.
In this example the ACL part should be more simple like this:
access to dn.subtree="o=example" attrs=sambaNTPassword filter="(organizationalStatus=0)" by dn.exact="uid=samba_dc,o=example" write by group="cn=slapd Admins,ou=groups,o=example" =sw by self =w by * none
Ciao, Michael.