On Thu, Jun 11, 2015 at 02:12:19PM +0200, Stefan Bauer wrote:
> olcAccess: {0}to * by * read by * break
"by * read" matches everyone, and stops. "by * break" is never reached.
> olcAccess: {1}to dn.subtree="ou=Benutzer,dc=example,dc=com" attrs=userPassword by self write by * break
This rule is never reached, because everyone is matched by "by * read" (with "stop" implicit) above.
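
The evaluation order described in this reply, as an added Python model that is not part of the original message and is not OpenLDAP's own code. The `evaluate` helper, the sample entry `uid=alice,...` and the swapped rule order are assumptions made for illustration; only `*` and `self` are modelled as `<who>`.

```python
# Simplified model of how slapd walks olcAccess rules (illustration only:
# <who> is limited to "*" and "self", DNs are compared as plain strings).
def what_matches(what, entry_dn, attr):
    subtree, attrs = what                      # subtree None means "to *"
    e, s = entry_dn.lower(), (subtree or "").lower()
    in_tree = subtree is None or e == s or e.endswith("," + s)
    return in_tree and (attrs is None or attr in attrs)

def who_matches(who, bind_dn, entry_dn):
    if who == "*":
        return True
    return who == "self" and bind_dn is not None and bind_dn.lower() == entry_dn.lower()

def evaluate(acls, bind_dn, entry_dn, attr):
    """Return (access level, list of (rule index, who) clauses that fired)."""
    fired = []
    for idx, (what, by_clauses) in enumerate(acls):
        if not what_matches(what, entry_dn, attr):
            continue
        for who, level, control in by_clauses:
            if not who_matches(who, bind_dn, entry_dn):
                continue
            fired.append((idx, who))
            if control == "stop":              # the default when none is written
                return level, fired
            break                              # "break": go on to the next rule
        else:
            return "none", fired               # implicit "by * none stop"
    return "none", fired                       # implicit "to * by * none"

USERS = "ou=Benutzer,dc=example,dc=com"
ALICE = "uid=alice," + USERS                   # constructed sample entry
R_ALL = ((None, None), [("*", "read", "stop"), ("*", None, "break")])
R_PW = ((USERS, ["userPassword"]), [("self", "write", "stop"), ("*", None, "break")])

POSTED = [R_ALL, R_PW]                         # order from the quoted config
SWAPPED = [R_PW, R_ALL]                        # same two rules, specific one first

if __name__ == "__main__":
    for name, acls in (("posted", POSTED), ("swapped", SWAPPED)):
        for bind in (ALICE, None):             # None = anonymous
            print(name, bind, evaluate(acls, bind, ALICE, "userPassword"))
```

With the posted order every requester, anonymous included, ends at rule {0} with read on `userPassword` and the `self write` clause never fires. With the specific rule first, `self` gets write, but everyone else still falls through `by * break` to read, so restricting who can read the attribute is a separate change.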