Hi,
In the proccess of setting up an openldap server as a pgp key server, I want to grant access to every authenticated user to create a new entry in a subtree of the basedn and every body to read entries in that subtree but only creator to be able to modify his entries.
I tried with the following (unsuccessfully):
access to dn.children="ou=PGP Keys,o=SNCFT,c=TN"
by dn.regex="^uid=([^,]+),(ou=[^,]+,)+ou=Users,o=SNCFT,c=TN$" selfwrite
by dn.regex="^uid=([^,]+),ou=Users,o=SNCFT,c=TN$" write
by * read
and also
by dnattr=owner selfwrite
by users write
by * read
but none worked.
I am running openldap-2.3.27-8.el5_2.4
TIA
Fathi B.N.