[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACI problems...
At 04:07 AM 6/18/00 -0700, Ovanes Manucharyan wrote:
>Can someone tell me what I'm doing wrong here..
Please note that there are numerous examples and explanations
in the archives and faq, please review them.
>I want anonymous users only to have read access to the ou=ABC, o=ORG
>subtree and nothing else, like ou=DEF o=ORG, or ou=GHI, o=ORG.
And I assume authenticated users can read anything (excepting
userpassword) anywhere
defaultaccess none
# userpassword: self write, everyone (anonymous+authenticated) none
access to attr=userpassword
by self write
by * none
# o=ABC,o=ORG subtree: self write, everyone (anonymous+authenticated) read
access to dn=".*ou=ABC,o=ORG"
by self write
by * read
# everywhere else, self write, anonymous none, authenticated read
access to *
by self write
by dn="^$$" none
by * read