6 Jun
2012
6 Jun
'12
9:56 a.m.
Howard Chu wrote:
Jan-Piet Mens wrote:
access to dn.subtree="ou=people,dc=example,dc=com" attrs=@entryAccessEntities
but strangely this ALSO changes the privileges for the objectClass attribute of the entry!
I can confirm that's happening here with same OpenLDAP version. I've been banging my head all afternoon trying to find my own typo...
Don't inherit from top.
This does not work for standard STRUCTURAL object classes.
Hmm, another work-around could be to place an appropriate ACL for attribute 'objectClass' before the ACL using @objectClassName catching all possible access right cases.
Ciao, Michael.