Hi,
I understand the general rule for ordering ACLs, but the application
still sometimes throws me.
In my people hierarchy, I need several attributes to be visible to
anonymous connections: uid and mail. Here's my original set of ACLs:

access to dn.one="ou=people,o=linfield.edu"
        attrs=userpassword
        by anonymous auth

access to dn.one="ou=people,o=linfield.edu"
        by dn="cn=Postfix,ou=Special Users,o=linfield.edu" read
        by group/linfieldGroupOfUniqueNames/uniqueMember="cn=ferpa administrators,ou=People,o=linfield.edu" read
        by self read

access to dn.one="ou=people,o=linfield.edu"
        attrs=userPassword,maillocaladdress,useDefaultAlias,spamDisposition,checkForDirtyWords
        by self write

I have added the following ACL in every
conceivable location (the top, the bottom, and the two in-betweens) and
I still can't access the fields anonymously:

access to dn.one="ou=people,o=linfield.edu"
        attrs=uid,mail
        by * read

What am I doing wrong here?
Thanks,
Rob
--
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville OR