[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL and ACI



Armin Wenz writes:
> My question is now, how do I have to set my ACLs that if there is no ACI 
> anonymous read access is allowed? Is this possible?

Until recently there was no supported way to do that, but there was a
bug which let a syntax error in the DN mean "public access"
(ITS#2006). So you could use e.g.

	1#entry#grant;s,c,r;[all]#access-id#[all]

Recently that has been fixed, and a #public# syntax has been added
instead (ITS#2005):

	1#entry#grant;s,c,r;[all]#public#

Sorry, I don't quite remember which OpenLDAP version(s) this happened
in.  Try it and see.

-- 
Hallvard