Sorry folks,
please forgive me, I forgot to let you know I am using Kerberos (SASL), so I bind via a SASL mechanism, not as the DN owned by me.
Thanks once more for your help.
On Tue, Jun 28, 2011 at 2:05 PM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
--On Tuesday, June 28, 2011 10:05 AM -0300 Friedrich Locke <friedrich.locke@gmail.com> wrote:
Dear list members,
I would like to use OpenLDAP for the Unix users and groups of my local network. I started studying the OpenLDAP access mechanism yesterday, and I am a little confused.
I am writing in order to get some help for a single scenario I would like to share with you.
My users will be below ou=users,dc=ufv,dc=br.
I would like to write an access rule for the following.
User X had complete access to his/her entry:
cn=X,dc=ufv,dc=br
by self write by users read
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
--On Tuesday, June 28, 2011 3:02 PM -0300 Friedrich Locke <friedrich.locke@gmail.com> wrote:
Sorry folks,
please forgive me, I forgot to let you know I am using Kerberos (SASL), so I bind via a SASL mechanism, not as the DN owned by me.
Thanks once more for your help.
If you have correctly set up SASL/GSSAPI, then when someone binds, they are mapped to their DN in the database, and the access rules I reported would work correctly.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
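
The mapping the last reply refers to, written out as an added example (not configuration posted by anyone in this thread). It assumes the slapd.conf format, a single default Kerberos realm, and that the principal name equals the cn of the user's entry under ou=users,dc=ufv,dc=br.

```conf
# slapd.conf fragment (constructed example; adjust names to your directory).
# Assumption: Kerberos principal "x" owns the entry cn=x,ou=users,dc=ufv,dc=br.

# After a SASL/GSSAPI bind, slapd identifies the client by a SASL DN:
#   uid=<principal>,cn=gssapi,cn=auth              (default realm)
#   uid=<principal>,cn=<realm>,cn=gssapi,cn=auth   (any other realm)
# This rule rewrites the default-realm form to the user's own entry DN.
# Principals from other realms are deliberately left unmapped here.
authz-regexp
    uid=([^,]+),cn=gssapi,cn=auth
    cn=$1,ou=users,dc=ufv,dc=br

# The rule from the thread, scoped to the entries below ou=users.
# "self"  matches only when the bound DN equals the DN of the target entry.
# "users" matches any authenticated identity.
# Everyone else (anonymous) falls through to the implicit "by * none".
access to dn.children="ou=users,dc=ufv,dc=br"
    by self write
    by users read

# Failure mode to check for: if the authz-regexp does not match, the bound
# identity stays uid=x,cn=gssapi,cn=auth. "by users read" still applies
# because the client is authenticated, but "by self write" never matches,
# so users can read the tree yet cannot modify their own entry.
```

Running `ldapwhoami -Y GSSAPI` with a valid ticket shows the DN slapd assigned to the bind; it should be the entry DN, not a `cn=auth` identity.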