[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs again

To: openldap-software@OpenLDAP.org
Subject: Re: ACLs again
From: "John P. Looney" <jplooney-ldap@online.ie>
Date: Thu, 16 Dec 1999 11:02:59 +0000
In-reply-to: <3.0.5.32.19991215162641.0098bad0@localhost>; from kurt@boolean.net on Wed, Dec 15, 1999 at 04:26:41PM -0800
References: <19991215104649.A20164@online.ie> <19991215104649.A20164@online.ie> <19991215110336.A20191@online.ie> <3.0.5.32.19991215162641.0098bad0@localhost>
User-agent: Mutt/1.1.1i

On Wed, Dec 15, 1999 at 04:26:41PM -0800, Kurt D. Zeilenga mentioned:
> At 11:03 AM 12/15/99 +0000, John P. Looney wrote:
> >Can I now restrict the fields that the "anonymous" user can search ?
> access to *
>   by dn="" none
>   by dn=".+" read
> 
> anonymous users (dn="") are granted none.
> authenticated users (dn=".+") are granted read.

 OK thanks...I now have:

defaultaccess none
access to dn="ou=.*,o=online.ie,dc=fv,dc=digiserve,dc=ie"
    by * read
access to dn="uid=.+,ou=People,o=online.ie,dc=fv,dc=digiserve,dc=ie"
    by self write
    by dn=".+" read
    by dn="" none

 However, it still doesn't allow people authenticating with a
username/password to change their details.

Kate

-- 
Microsoft. The best reason in the world to drink beer.
http://www.redbrick.dcu.ie/~valen

Follow-Ups:
- Re: ACLs again
  - From: "Kurt D. Zeilenga" <kurt@boolean.net>

References:
- ACLs again
  - From: "John P. Looney" <jplooney-ldap@online.ie>
- Re: ACLs again
  - From: "John P. Looney" <jplooney-ldap@online.ie>
- Re: ACLs again
  - From: "Kurt D. Zeilenga" <kurt@boolean.net>

Prev by Date: Chat Software compatible with LDAP
Next by Date: How apply Join LDAP data with RDBMS table!
Index(es):
- Chronological
- Thread