Hi,
does slapd resolve the ACLs only at start time?
I have following ACL defined:
access to * by group/groupOfUniqueNames/uniqueMember="cn=admins,dc=example,dc=com" write by * read
which should allow only members of the group cn=admins write access to the whole directory. Others may only read.
The group looks like this:
dn: cn=admins,dc=example,dc=com objectClass: groupOfUniqueNames cn: admins description: LDAP administrators uniqueMember: cn=manager,dc=example,dc=com uniqueMember: uid=chris,ou=user,dc=example,dc=com
If I add a member to the group, it seems that I have to restart slapd to allow the new member write access to the directory. Is this correct or am I missing something?
Bye Chris
--On Wednesday, September 10, 2008 4:26 PM +0200 "JUNG, Christian" christian.jung@saarstahl.com wrote:
Hi,
does slapd resolve the ACLs only at start time?
I have following ACL defined:
Using groups in acls has always worked for me, without having the results cached. Have you run slapd with acl tracing to see what it reports?
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-software@openldap.org