19 Jun
2007
19 Jun
'07
4:11 p.m.
Pierangelo Masarati wrote:
Try something along the lines:
# allow everybody to bind, and self to change password access to attrs=userPassword by self write by anonymous auth
# allow everybody searching for objectClass access to filter="(objectClass=inetOrgPerson)" attrs=objectClass by * search
# allow everybody to read the entry and the cn access to filter="(objectClass=inetOrgPerson)" attrs=entry,cn by * read
# allow only users to read the rest of the entry access to filter="(objectClass=inetOrgPerson)" by users read
# allow everybody to search (but not see) everything else access to * by * search
p.
That does the trick.
Grazie mille, Dan.