[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs again



On Tue, Dec 14, 1999 at 05:26:24PM +0000, Stuart Henderson mentioned:
> >  I have all our users details on the LDAP server, and I'm trying to write a
> > webpage that will allow them to modify and add to their own attributes.
> > 
> >  Has anyone setup OpenLDAP ACLs to authenticate off their unix password
> > (which is stored as "userpassword={crypt}gkkVVixG7" etc.) ? Even generic
> > ACL docs would be cunning - they seem fairly thin on the ground.
> 
> How about something like this...
> 
> defaultaccess none
> access to dn=".*,ou=foo,o=bar"
>         by self write

 That looks sufficent. However, the LdapBind function in TCL requires a
BindDN. Is there an "anonymous" BindDN ? Can I create one that just has
default access ?

> http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/5.html#RTFToC20
> sec 5.3.5 may help if you haven't found it yet.

 Nice one. I'd not found it.

John

-- 
Microsoft. The best reason in the world to drink beer.
http://www.redbrick.dcu.ie/~valen

Attachment: pgpmJd1YKscsU.pgp
Description: PGP signature