[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: other acl problems (ip modification)
On Wednesday 20 February 2002 11:38 am, francesco tornieri wrote:
> I'd like make a structure like :
> pc slave (192.168.2.18) makes change to master (192.168.1.17) but it is
> ablt to modify subtree Scienze
> pc slave (192.168.2.19) makes change to master (192.168.1.17) but it is
> ablt to modify subtree Medicina
> This is my acl list:
>
> access to attrs=userpassword,lmpassword,ntpassword
> by self write
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" none
> by dn="cn=samba,ou=Service,ou=Scienze,dc=univr,dc=it" write
> by dn="cn=samba,ou=Service,ou=Medicina,dc=univr,dc=it" write
> by * none
>
> access to attrs=shadowlastchange,pwdlastset,mailForwardingAddress
> by self write
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by dn="cn=samba,ou=Service,ou=(.*),dc=univr,dc=it" write
> by addr="127.0.0.1|192.168.2.*" read
> by * none
>
> access to
> attrs=pwdcanchange,pwdmustchange,acctflags,logontime,logofftime,kickofftime
>,smbhome,homedrive,script,profile,ntuid,rid,grouprid,uid,uidnumber,gidnumber
>,cn,description,workstation by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by dn="cn=samba,ou=Service,ou=(.*),dc=univr,dc=it" write
> by addr="127.0.0.1|192.168.2.*" read
> by * none
>
> access to attrs=lpquota,lpprinted,lpdate,lpnote
> by dn="cn=lpquota,ou=Service,dc=univr,dc=it" write
> by self read
> by * none
>
> access to attrs=mailMessageStore,mailQuota
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by self read
> by * none
>
> access to dn="uid=[^,]+,ou=Scienze,dc=univr,dc=it"
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by addr="192.168.2.18" write
> by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
> by * none
>
> access to dn="uid=[^,]+,ou=Medicina,dc=univr,dc=it"
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by addr="192.168.2.19" write
> by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
> by * none
>
> access to dn="uid=[^,]+,ou=(.*),dc=univr,dc=it"
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
> by * none
>
> access to dn="dc=univr,dc=it"
> by dn="cn=manager,dc=univr,dc=it" write
> by dn="uid=manager,ou=Service,dc=univr,dc=it" write
> by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
> by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
> by * none
>
> Where is the problem?Can you help me?access to
> Francesco
Ok i have resolved it in this way :
dn="ou=Scienze,dc=univr,dc=it"
by addr="127.0.0.1|192.168.2.18" write
access to dn="ou=Medicina,dc=univr,dc=it"
by addr="127.0.0.1|192.168.2.19" write
access to dn="ou=Scienze,dc=univr,dc=it"
by addr="127.0.0.1|192.168.2.*" read
Best regards, Francesco