Hello,
I just need to allow a simple "bind" user to be able the perform the authenticated searches in the tree, while allowing all other users to consult their data without being able to modify them. So I have set the following primitive access rules:
------------------------------ olcAccess: {0}to attrs=userPassword by self write by dn.base="cn=Manager,dc=example,dc=com" write by anonymous auth by * none"
olcAccess: {1}to * by self read by dn.base="cn=Manager,dc=example,dc=com" write by dn="uid=binduser,ou=Users,dc=example,dc=com" read -------------------------------
With these settings, I can in fact perform authenticated searches as dn="uid=binduser,ou=Users,dc=example,dc=com" with filter uid=username. But the weird thing is that all other non-privileged users cannot see their own data, although I have added "to * by self read"..
What am I missing? Thanks ahead for any comment!
Andy.