Hi,
it should be so simple ... I thought.
At first some things worked, but than I messed something up and now I'm completely confused.
What I want (sooner or later):
- users should authenticate using posix and samba accounts. - they may change there password. - they may look up other mail, phone, ... addresses in the ldap using Thunderbird or apple Addressbook - they may change there phone number and (may be) there postal address - admin users should be able to write and read everything.
- anonymous users may later read the mail and cn/sn attribute.
May be someone has such ACLs already set up and like to share them or can help me?
Would be great, cause reading the docs and experiment is helpful, but I did not ended in a working secure, flexible, understandable setup.
Thanks a lot and best regards.
/Götz