1 Dec
2008
1 Dec
'08
8:14 p.m.
Hi All,
I was wondering how i go about giving LESS access than the default ACL rule.
Lets assume some default permissions set from the FAQ-o-matic :
access to attr=userpassword by self =xw by anonymous auth
access to * by self write by users read
This allows the "standard user" to read all attributes, and write thier own details.
Assuming we add to the above a user that has LESS access than the default ie:
access to attr=c,o,ou,cn,sn,givenName,mail by dn.exact=cn=limited,dc=example,dc=com by * none (or break)
This literally wont work as intended, because even if the above does not match, the
access to * by self write by users read
Will always give users read by default.
Any ideas ?
Cheers Brett