[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL



With your recommandations I tried something else....
really strange


I have now only one line which is:

access to dn=".*ou=User,o=Right vision" attr=userpassword
          by dn="cn=Thierry,ou=Admin,o=Right Vision" read
          by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
          by * none

I am waiting for the following result:
- Fabrice has access to write and read all entries below ou=User,o=Right Vision
- Thierry can read all entries below ou=User,o=Right Vision
- The other users read all entries below ou=User,o=Right Vision but not the userpassword attribut below



but when I run the command

ldapsearch -D "cn=Thierry,ou=Admin,o=Right Vision" -w password -b "o=Right Vision" "objectclass=*"

I see all entries in my base and not entries below ou=users,...

same comportment for Fabrice
with eric I can see all entries without the userpassword attribut

It is the same thing when I put a comma like this

access to dn=".*,ou=User,o=Right vision" attr=userpassword  ....


Now if I try to add :

defaultaccess none

no entry displayed for all users .....


I really do not understand !

Is someone has an idea ?

Many thanks,
Fabrice

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com