[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: attribute acl hardships



At 12:31 PM 2001-08-29, Fox wrote:
>Any time I try to grant access to specific attributes in the second access
>statement, it does not work, as in a search by cn returns no results.  Is it
>matching my user as anonymous in the first statement and ignoring the second
>access statement?
>
>If I change the second statement to access to *, I can access all
>attributes, but that is not what I want.  I am running OpenLDAP 2.0.11.
>
>access to attr=userPassword
>    by anonymous auth
>    by dn="cn=Manager,dc=mckee,dc=com" write
>access to attr=cn
>    by users read

You did not grant permission to read any entries.  Replace
last ACL with:

access to attrs=cn,entry
        by users read

Kurt