Re: ACL by anonyous auth

1 Aug 2024


      --On Thursday, August 1, 2024 3:42 PM +0000 pficheux@integra.fr wrote:
...
Hello Uwe,
Thanks for the answer.
So, if I understand correctly, until you are authenticated, you are
considered as anonymous, or sort of by the LDAP right?
And concerning the "by self write", in the example :
access to dn.children="dc=example,dc=com"
      by self write
      by group.exact="cn=Administrators,dc=example,dc=com" write
      by * auth
Better ACL is probably:
access to attrs=userPassword
  by self =xw
  by group.exact="cn=Administrators,dc=example,dc=com" write
  by anonymous auth
access to dn.subtree="dc=example,dc=com"
  by self write
  by group.exact="cn=Administrators,dc=example,dc=com" write
--Quanah

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: ACL by anonyous auth