Hello,

I just need to allow a simple "bind" user to be able the perform the
authenticated searches in the tree, while allowing all other users to
consult their data without being able to modify them. So I have set
the following primitive access rules:

------------------------------
olcAccess: {0}to attrs=userPassword
 by self write
 by dn.base="cn=Manager,dc=example,dc=com" write
 by anonymous auth
 by * none"

olcAccess: {1}to *
 by self read
 by dn.base="cn=Manager,dc=example,dc=com" write
 by dn="uid=binduser,ou=Users,dc=example,dc=com" read
-------------------------------

With these settings, I can in fact perform authenticated searches as
dn="uid=binduser,ou=Users,dc=example,dc=com" with filter uid=username.
But the weird thing is that all other non-privileged users cannot see
their own data, although I have added "to * by self read"..

What am I missing? Thanks ahead for any comment!

Andy.