17 Feb
2009
17 Feb
'09
9:02 a.m.
Carl Johnstone writes:
Peter Mogensen wrote:
Is it in anyway possible to set up cn=config, so only root on the host can make changes?
You probably want a peername ACL.
Or authz-regexp.
authz-regexp ^gidNumber=[0-9]*[+]uidNumber=0,cn=peercred,cn=external,cn=auth$ cn=admin database config rootdn cn=admin
(The [] is because + is a special regexp character and I never remember how many backslashes I need for quoting in slapd.conf.)
--
Hallvard