[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL: hiding attributes

To: "openldap-software@OpenLDAP.org" <openldap-software@OpenLDAP.org>
Subject: ACL: hiding attributes
From: Piotr Roszatycki <Piotr_Roszatycki@netia.net.pl>
Date: Tue, 12 Mar 2002 19:55:35 +0100 (CET)

I'd like to hide all attributes for "cn=www,..." user and allow to fetch
only dn, objectclass and uid. I've tried to prepare ACL but it didn't
work.

access to dn.subtree="ou=Accounts,dc=test,dc=org" attr=dn,objectclass,uid
        by dn="cn=root,ou=adm,dc=test,dc=org" write
        by dn="cn=www,ou=adm,dc=test,dc=org" read
        by self write
        by * none

access to dn.subtree="ou=Accounts,dc=test,dc=org"
        by dn="cn=root,ou=adm,dc=test,dc=org" write
        by self write
        by anonymous auth
        by * none

Is it possible to get only few attributes without listing forbidden ones?

-- 
Piotr Roszatycki, Netia Telekom S.A.                    .''`.
mailto:Piotr_Roszatycki@netia.net.pl                   : :' :
mailto:dexter@debian.org                               `. `'
                                                         `-

Prev by Date: question apache+tomcat+ldap
Next by Date: RE: Extending the schema: What about OIDs?
Index(es):
- Chronological
- Thread