Hi,
I'm trying to understand these acl's:
{0} to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword by dn="cn=admin,dc=foo,dc=bar" write <--admin can read/write by anonymous auth <--anonyomous can auth by self write <--- object owner can read/write by * none <--all other users denied
{1}to dn.base="" by * read <-- all can read the root dc=foo, dc=bar {2}to * by dn="cn=admin,dc=studsemi,dc=intern" write <-- by * read
so with acl 0: users and admin can read/write passwords, all others can do nothing with that acl 1: ALL can read the root dc=foo,dc=bar acl 2: all other attributes can be read by all others and only admin can also modify all other attributes?
so if that is correct, then I think acl 1 isnt needed?
Thanks