At 09:26 AM 1/18/00 -0600, David Buttrick wrote: >defaultaccess read >access to * by self write > by dn="cn=Manager, ou=SAM, o=Concentric Network, c=US" write You are better off writing this as: defaultaccess none access to * by self write by dn="cn=Manager, ou=SAM, o=Concentric Network, c=US" write by * read so as to be forward compatible with 2.0 ACLs.