Dieter Kluenter wrote:
Am Wed, 22 Dec 2010 14:46:50 +0100 schrieb "Thomas D. Dahlmann"domingo@domingo.dk:
Hi
I'm trying to add ordinary users write access to a specific ou.
I've googled a lot and haven't really found any useful regarding to openldap 2.4 (slapd.d format).
What would be the correct syntax for a ldapmodify command to accomplish this to the dn: ou=addressbook,dc=example,dc=net ?
something like: ldapmodify -D "cn=config" -W -H ldap://some.host dn:olcDatabase={1}hdb,cn=config changetype: modify replace: olcAccess olcAccess: {1} to dn.subtree="ou=addressbook,dc=example,dc=net" by users write by * read
The numbers {1} are fictious, replace with your real values.
Do not supply the {x} numbers at all when you're just doing a replace. slapd generates them itself, so there's no need.
You only need to provide the {x} numbers when you actually want to reference a specific value in a multivalued attribute. Even then, they're just a convenience, not absolutely essential.