[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access Control Lists

To: "Timothy J. Arnold" <tim@ngfl.gov.uk>
Subject: Re: Access Control Lists
From: Raf Meeusen <meeusen@acunia.com>
Date: Wed, 13 Feb 2002 13:25:28 +0100 (CET)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <001301c1b487$e25e9ac0$77333fc1@ngfl.gov.uk>

On Wed, 13 Feb 2002, Timothy J. Arnold wrote:

> Hello,
> 
> I am a little stuck with setting up access control lists for my
> directory.
> 
> I would like to be able todo something like:
> 
> anonymous can authorise against userPassword, cannot read/write anything
> user once authenticated can only read/write his own entry
> Admin user can read/write everything.
> 
> Any ideas?

something like:

access to attr=userPassword
        by self write
        by anonymous auth
        by * none
access to *
	by dn="admin-user-dn" write
        by self write
        by * none

should more or less do the trick... 

Good luck with it,

Raf

> 
> Cheers,
> 
> Timothy
> 
> Timothy J. Arnold
> Systems Support Officer
> 
> BECTa.
> Milburn Hill Road, Science Park
> Coventry, West Midlands
> CV4 7JJ, United Kingdom
> Tel: +44 (0) 24 7641 6994
> Fax: +44 (0) 24 7641 1418
> Direct: +44 (0) 24 7684 7193
> Mobile: +44 (0) 7855 862530
> E-mail: tim@ngfl.gov.uk 
> Web: www.ngfl.gov.uk
> Web: www.becta.org.uk
> 
>

References:
- Access Control Lists
  - From: "Timothy J. Arnold" <tim@ngfl.gov.uk>

Prev by Date: Access Control Lists
Next by Date: Newbie Question
Index(es):
- Chronological
- Thread