Need a help related to ACL.

I need to setup some basic ACL for LDAP,

I need Manager only should have access to the entire tree both read and write
and only users under ou=operation can have a read only access to the tree.  Currently i dont have any ACL in the slapd.conf file.

Would be great if you can share the ACL.

Please help.