"Dane Foster" <dfoster@equitytg.com> wrote: > My simplified database ACL is as follows: > access to * attr=o,cn > by * read > > The database ACL doesn't achieve what I said in the first paragraph but it Try using attrs=objectClass,entry,o,cn ____________________________________________________________________ Get free e-mail and a permanent address at http://www.amexmail.com/?A=1