Am 23.03.2012 10:44, schrieb stefano:
Hi, i've a question.
am configuring the ACLs in slapd.conf. is it necessary to specify the Administrator DN in the "who" field?
ex: access to attrs=userPassword by dn="cn=Manager,dc=example,dc=com"
Do i have to specify it or the administrator has the access right to every attribute?
Hi,
the docs are your friend :)
From slapd.access(5):
*Be warned: the rootdn can always read and write EVERYTHING!*
From slapd.conf(5):
access to <what> [ by <who> <access> <control> ]+ [...] The rootdn can always read and write EVERYTHING! [...]
[...]
rootdn <dn> Specify the distinguished name that is not subject to access control or administrative limit restrictions for operations on this database. [...]
Regards, Christian Manal