Fwd: Newbie ACL questions
Hi All,
After collecting lots of information, I'm now busy populating an
OpenLDAP 2.0.21 server. With it, the need for ACLs is growing.
I've read the Admin guide, I also found several related messages in the
mailing archive, but somehow I don't get quite the wanted result.
As I experience it, ACLs work as follows:
1) The ACL-lines are processed in order
2) If the <what> clause matches, rules are applied
3) No more ACL lines are processed!!
This is what I want, and what ACLs I've put together:
I do want users to access their own entry, and entries which have their
db in the attribute 'owner', but they are not allowed to browse the tree:
access to *
    by self read
    by anonymous auth
I do want to authenticate against LDAP, but I don't want anonymous
read access to the tree.
access to dn=""
    by anonymous auth
However, my authenticated users can't get any info any more!
Final question:
How do I obtain my own entry? A simple filter like:
dn="cn=my name,ou=people,dc=wiwo,dc=nl" returns 0 hits
I'm sure there is a simple way to do this, but it's so simple it isn't
mentioned anywhere in the docs (or I just overlooked...)
Can anyone help?
Regards,
Marcel
--
---------------------------------------------------------------
ing. Marcel van Dorp (CCDP, CCNP+security) http://www.wiwo.nl
WiWo Support tel. 071-523 77 91
Postbus 1098 fax 071-523 77 94
2340 BB Oegstgeest gsm 0653-50 77 76
---------------------------------------------------------------
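
The evaluation order described in the message, modelled as an added example (not part of the original post and not OpenLDAP code): the first directive whose <what> matches is used, its first matching `by` clause decides, and a directive with no matching clause ends in the implicit `by * none`. The function names, the two constructed entries, the exact-DN simplification of <what>, and the `WITH_OWNER` variant using `by dnattr=owner read` are assumptions for illustration.

```python
# Simplified model of slapd ACL evaluation; added example, not OpenLDAP code.
LEVELS = ["none", "auth", "compare", "search", "read", "write"]

def who_matches(who, requester, entry):
    """requester is the bound DN, or None for an anonymous session."""
    if who == "*":
        return True
    if who == "anonymous":
        return requester is None
    if requester is None:
        return False                     # every remaining <who> needs a bound DN
    if who == "users":
        return True
    if who == "self":
        return requester == entry["dn"]
    if who.startswith("dnattr="):        # requester DN listed in that attribute
        return requester in entry.get(who[len("dnattr="):], [])
    return False

def granted(acl, requester, entry):
    """Access level granted by first-match evaluation of the directives."""
    for what, by_clauses in acl:
        if what not in ("*", entry["dn"]):   # assumption: <what> is "*" or an exact DN
            continue
        for who, level in by_clauses:
            if who_matches(who, requester, entry):
                return level             # first matching <who> decides
        return "none"                    # implicit trailing "by * none"
    return "none"                        # implicit final "access to * by * none"

def allows(acl, requester, entry, wanted):
    return LEVELS.index(granted(acl, requester, entry)) >= LEVELS.index(wanted)

ME = "cn=my name,ou=people,dc=wiwo,dc=nl"            # DN from the message
MY_ENTRY = {"dn": ME}
OWNED = {"dn": "cn=printer,ou=devices,dc=wiwo,dc=nl", "owner": [ME]}   # constructed
OTHER = {"dn": "cn=someone else,ou=people,dc=wiwo,dc=nl"}             # constructed

# The directive as posted: access to * / by self read / by anonymous auth
POSTED = [("*", [("self", "read"), ("anonymous", "auth")])]
# Assumed variant adding "by dnattr=owner read" for entries that name the user as owner
WITH_OWNER = [("*", [("self", "read"), ("dnattr=owner", "read"), ("anonymous", "auth")])]

if __name__ == "__main__":
    for name, acl in (("posted", POSTED), ("with dnattr=owner", WITH_OWNER)):
        for label, who, entry in (("self", ME, MY_ENTRY), ("owned", ME, OWNED),
                                  ("other", ME, OTHER), ("anonymous", None, MY_ENTRY)):
            print(f"{name:18} {label:10} -> {granted(acl, who, entry)}")
```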