On Wed, 29 Jun 2016 14:49:12 +0200, Florian Best best@univention.de wrote:
Hello,
studying the slapd.access man page left me with an open question regarding the control of object creation:
- How to allow the creation of objects with a specific objectclass
only?
For example, I want to prevent an object with an object class other than 'foobar' from being created.
Assuming the following LDIF should be valid for an "add" operation:
dn: uid=anton1,cn=settings,dc=ldap,dc=base
objectClass: foobar
uid: anton1
man slapd.conf(5)
search for
- ditcontentrule
- add_content_acl
and following access rules:
access to dn.sub=cn=foo,o=bar attrs=entry,@foobar by *
-Dieter
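
An added slapd.conf sketch of the ACL side of this advice (not part of the original message or of anyone's production configuration), using the subtree from the LDIF in the question. Assumptions: the fragment sits inside the database section serving dc=ldap,dc=base, "users" (any authenticated identity) stands in for whoever should be allowed to add, and the schema-level ditcontentrule is left out because it needs the real OID of 'foobar'.

```conf
# Assumption: placed in the database section for dc=ldap,dc=base.
# Without this directive an Add is only checked against "entry" on the new
# entry and "children" on its parent; the attributes inside the new entry
# are not ACL-checked at all.
add_content_acl on

# The only objectClass value that may be written is "foobar".
access to dn.subtree="cn=settings,dc=ldap,dc=base" attrs=objectClass val=foobar
    by users write
    by * none

# Every other objectClass value falls through to this rule: readable,
# never writable, so an Add that carries a second class is refused.
access to dn.subtree="cn=settings,dc=ldap,dc=base" attrs=objectClass
    by users read
    by * none

# The entry itself plus the attributes that foobar requires or allows.
access to dn.subtree="cn=settings,dc=ldap,dc=base" attrs=entry,@foobar
    by users write
    by * none

# The parent must permit new children, otherwise no Add succeeds.
access to dn.subtree="cn=settings,dc=ldap,dc=base" attrs=children
    by users write
    by * none

# Anything else in the subtree stays read-only. This catch-all is what
# rejects attributes that do not belong to foobar during the content check.
access to dn.subtree="cn=settings,dc=ldap,dc=base"
    by users read
    by * none
```

Rules are evaluated first match wins, so the value-specific objectClass rule has to stay above the general ones. The rootdn bypasses ACLs, so test with an ordinary bind DN.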