Hi,
I understand the general rule for ordering ACLs, but the application still sometimes throws me.
In my people hierarchy, I need several attributes to be visible to anonymous connections: uid and mail. Here's my original set of ACLs:
access to dn.one="ou=people,o=linfield.edu" attrs=userpassword by anonymous auth
access to dn.one="ou=people,o=linfield.edu" by dn="cn=Postfix,ou=Special Users,o=linfield.edu" read by group/linfieldGroupOfUniqueNames/uniqueMember="cn=ferpa administrators,ou=People,o=linfield.edu" read by self read
access to dn.one="ou=people,o=linfield.edu"
attrs=userPassword,maillocaladdress,useDefaultAlias,spamDisposition,checkForDirtyWords by self write
I have added the following ACL in every conceivable location (the top, the bottom, and the two in-betweens) and I still can't access the fields anonymously:
access to dn.one="ou=people,o=linfield.edu" attrs=uid,mail by * read
What am I doing wrong here?
Thanks, Rob