[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Question about hiding attributes from searches and su -



lør, 2002-07-27 kl. 16:33 skrev Tony Earnshaw:

> I'm more or less certain my question is undocumented, but maybe I'm
> lazy.

Well, it wasn't undocumented :-)

More or less solved what I wanted to by reading Jim C
<jcllings@tsunamicomm.net> 's reference to 
http://www.mandrakesecure.net/en/docs/ldap-auth.php , which, I being a
Red Hat person, was a new one on me.

By sticking

access to dn=".*,dc=billy,dc=demon,dc=nl"
        attr=userPassword
        by dn="cn=Admin,dc=billy,dc=demon,dc=nl" write
        by self write
        by * auth

at the very top of slapd.conf and removing some of the earlier, first,
restrictive acl, I get more or less what I want as far as unwanted
"finger" stuff is concerned. Isn't perfect, but it's much better than it
was.

So thanks, Jim C.

Best,

Tony

-- 

Tony Earnshaw

The usefulness of RTFM is vastly overrated.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
gpg public key:	http://www.billy.demon.nl/tonni.armor

Telefoon:	(+31) (0)172 530428
Mobiel:		(+31) (0)6 51153356

GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981


Attachment: signature.asc
Description: Dette er en digitalt signert meldingsdel