
ACL ok?



Could some expert point out possible stupid mistakes in the following
ACLs? The intention of the first block is to allow
uid=user,ou=People,o=CWI INS,c=NL to change the separate password for
uid=user,ou=Mail Users,ou=Services,o=CWI INS,c=NL; the second block is
to allow simple bind to other dn's and the third block to allow access
via LDAPS from the outside.

Thanks a lot in advance for any advice,
Hein



access to dn="uid=([^,]+),ou=Mail Users,ou=Services,o=CWI INS,c=NL"
        attribute=userPassword
        by anonymous auth
        by self write
        by dn="uid=$1,ou=People,o=CWI INS,c=NL" write
        by * none

access to attribute=userPassword
        by anonymous auth
        by self write
        by * none

access to *
        by users read
        by domain=".*\.cwi\.nl" read
        by * none
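
An added example, not part of the original post and not slapd's own code: a simplified Python model for checking the three blocks above against their stated intent. It assumes that the first `access to` block whose target matches is used, that the first matching `by` clause in it decides, and that regexes are matched unanchored and case-insensitively; `granted`, `who_matches` and the `peer` host name argument are names made up for this sketch.

```python
import re

# The three ACL blocks from the post, in file order:
# (target DN regex or None for any entry, attribute or None for any, by-clauses)
RULES = [
    (r"uid=([^,]+),ou=Mail Users,ou=Services,o=CWI INS,c=NL", "userPassword",
     [("anonymous", "auth"), ("self", "write"),
      ("dn:uid=$1,ou=People,o=CWI INS,c=NL", "write"), ("*", "none")]),
    (None, "userPassword",
     [("anonymous", "auth"), ("self", "write"), ("*", "none")]),
    (None, None,
     [("users", "read"), (r"domain:.*\.cwi\.nl", "read"), ("*", "none")]),
]

def who_matches(who, bind_dn, entry_dn, peer, groups):
    """Does one 'by <who>' clause apply? bind_dn=None means an anonymous client."""
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "users":
        return bind_dn is not None
    if who == "self":
        return bind_dn is not None and bind_dn.lower() == entry_dn.lower()
    kind, pattern = who.split(":", 1)
    for i, g in enumerate(groups, 1):      # $1.. come from the target DN match
        pattern = pattern.replace(f"${i}", re.escape(g))
    subject = bind_dn if kind == "dn" else peer
    return subject is not None and re.search(pattern, subject, re.I) is not None

def granted(bind_dn, entry_dn, attr, peer=None):
    """Access level under the first-match model described in the lead-in."""
    for dn_re, rule_attr, by in RULES:
        m = re.search(dn_re, entry_dn, re.I) if dn_re else None
        if (dn_re and not m) or (rule_attr and rule_attr.lower() != attr.lower()):
            continue
        groups = m.groups() if m else ()
        for who, level in by:
            if who_matches(who, bind_dn, entry_dn, peer, groups):
                return level
        return "none"                      # block selected, no by-clause matched
    return "none"

if __name__ == "__main__":
    mail = "uid=user,ou=Mail Users,ou=Services,o=CWI INS,c=NL"
    people = "uid=user,ou=People,o=CWI INS,c=NL"
    print(granted(people, mail, "userPassword"))   # People entry on its mail password
    print(granted(None, people, "cn", peer="host.cwi.nl"))  # constructed host name
```
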
