--On Tuesday, May 21, 2019 9:56 AM +0000 Olivier - piwako@outlook.fr wrote:
Hello Florent,
(sorry, I answer just this in French: easier for me. ACLs stop at the first match. So you have to set the rights of the users concerned for each ACL).
Here is a French link: https://www.vincentliefooghe.net/content/les-acl-dans-openldap
Here is an example:
access to attrs=userPassword
    by dn.exact="cn=admin,dc=example,dc=fr" write
    by users auth
    by anonymous auth
    by * none
That should be "by users read", not "by users auth" as per their stated requirements. I would note that this ACL would be problematic in a replicated environment unless the "cn=admin,dc=example,dc=fr" DN is also used for replication.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
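
Added example, not part of either message and not OpenLDAP code: a small Python model of first-match evaluation of the "by" clauses in the ACL quoted above, showing why a separate replication identity ends up with only auth on userPassword unless its clause comes before "by users". The replicator DN and the function names are hypothetical, and only the <who> forms used in the posted ACL are modeled.

```python
# Simplified model of how slapd picks a "by" clause (constructed example).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

ADMIN = "cn=admin,dc=example,dc=fr"
REPLICATOR = "cn=replicator,dc=example,dc=fr"  # hypothetical DN, not from the thread

# "access to attrs=userPassword" exactly as posted, as ordered (who, level) pairs.
ACL_POSTED = [
    ("dn.exact=" + ADMIN, "write"),
    ("users", "auth"),
    ("anonymous", "auth"),
    ("*", "none"),
]
REPL_CLAUSE = ("dn.exact=" + REPLICATOR, "read")
ACL_REPL_LAST = ACL_POSTED[:3] + [REPL_CLAUSE] + ACL_POSTED[3:]   # after "by users"
ACL_REPL_FIRST = ACL_POSTED[:1] + [REPL_CLAUSE] + ACL_POSTED[1:]  # before "by users"


def who_matches(who, bind_dn):
    """bind_dn is None for an anonymous session."""
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "users":
        return bind_dn is not None
    if who.startswith("dn.exact="):
        # Case-folding stands in for slapd's real DN normalization.
        return bind_dn is not None and bind_dn.lower() == who[9:].lower()
    raise ValueError("unsupported <who> in this model: " + who)


def granted_level(acl, bind_dn):
    """Return the level of the first matching clause; later clauses are ignored."""
    for who, level in acl:
        if who_matches(who, bind_dn):
            return level
    return "none"  # slapd appends an implicit "by * none"


def allowed(acl, bind_dn, wanted):
    """Each level implies the ones below it, so compare positions in LEVELS."""
    return LEVELS.index(granted_level(acl, bind_dn)) >= LEVELS.index(wanted)


if __name__ == "__main__":
    for name, acl in [("posted", ACL_POSTED), ("repl last", ACL_REPL_LAST), ("repl first", ACL_REPL_FIRST)]:
        print(name, "-> replicator gets", granted_level(acl, REPLICATOR))
```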