[Date Prev][Date Next] [Chronological] [Thread] [Top]

Access Control

To: OpenLDAP-software@OpenLDAP.org, claudio@dydx.com
Subject: Access Control
From: Claudio Buffa Pace <claudio@dydx.com>
Date: Thu, 20 May 1999 10:20:29 +0200 (SAST)

HI 

I have taken a look at the archives and had no luck.

I am running the latest version of ldap on redhat 6.
I am having problems with access control lists.

My slapd conf file looks as follows with regards access control:

defaultaccess none
access to *
   by group="cn=Ldap Administrators,ou=Groups,o=DYDX" write
access to dn=".*,ou=People,o=DYDX"
   by self write


What I am trying to achieve is the following:
1.  I would like people who belong to the group "Ldap Administartors" full
    access.

2. I would like all "People" to have the ability to modify their own
   nodes.


My problem that I am experiencing is that, it appears each of the above
access control lists items work fine independently i.e., if I put 

access to *
   by group="cn=Ldap Administrators,ou=Groups,o=DYDX" write

in it works and if I put 

access to dn=".*,ou=People,o=DYDX"
   by self write

It works fine to.

However if I put the two together as I have show above, it only seems to
read which ever I put first in the list and ignores the second one. 

Can any body assist me with regards this problem.

Thanks!!

Claudio





----------------------------------- 
Claudio Buffa Pace

Tel#: (011) 794-2211
email: claudio@dydx.com

http://www.dydx.com 
-----------------------------------

Prev by Date: Re: SunOS 4.1.4 Compiling Error & GNU's regex
Next by Date: Schemas
Index(es):
- Chronological
- Thread