[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL: hiding attributes



I'd like to hide all attributes for "cn=www,..." user and allow to fetch
only dn, objectclass and uid. I've tried to prepare ACL but it didn't
work.

access to dn.subtree="ou=Accounts,dc=test,dc=org" attr=dn,objectclass,uid
        by dn="cn=root,ou=adm,dc=test,dc=org" write
        by dn="cn=www,ou=adm,dc=test,dc=org" read
        by self write
        by * none

access to dn.subtree="ou=Accounts,dc=test,dc=org"
        by dn="cn=root,ou=adm,dc=test,dc=org" write
        by self write
        by anonymous auth
        by * none

Is it possible to get only few attributes without listing forbidden ones?

-- 
Piotr Roszatycki, Netia Telekom S.A.                    .''`.
mailto:Piotr_Roszatycki@netia.net.pl                   : :' :
mailto:dexter@debian.org                               `. `'
                                                         `-