[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: acl question
> I need to setup an acl where a specific user has write access to a
> particular ou and everything below it. What I have tried to do is
> this:
acl's are parsed from most specific to least specific in two ways. the
first "access to" that matches is the one that is used and then down the
list of "by X blah" the first one that matches is used.
> # access levels
> defaultaccess read
>
> access to * by dn="cn=manager,o=contacts.company.net" write
so this is the only acl that will be parsed because "access to *" matches
everything. the lower acls will never be read.
read the section on acl's in the admin guide and there is a good bit in
the developers section of the faq-o-matic as well.
adam.