[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OpenLDAP 2.1 and ACL
- To: "Tony Earnshaw" <tonni@billy.demon.nl>
- Subject: Re: OpenLDAP 2.1 and ACL
- From: "Emmanuel Blot" <emmanuel.blot@free.fr>
- Date: Sat, 1 Feb 2003 20:54:09 +0100
- Cc: <openldap-software@OpenLDAP.org>
- References: <016801c2ba8c$5f5cf2f0$0f06a8c0@oulx> <HBF.20030113kanr@bombur.uio.no><013f01c2bfe5$fa31f830$0f06a8c0@oulx> <HBF.20030121c88n@bombur.uio.no> <0ad801c2c588$d25cb3b0$0f06a8c0@oulx> <1043670061.5828.55.camel@localhost> <0d8701c2c65d$50973460$0f06a8c0@oulx> <1043743188.16001.49.camel@localhost>
> Dunno, I'm afraid. I don't use this and don't know anyone else who does.
> 'man slapd.access' would seem to indicate that by doing this, you are
> also blocking access to the entry's children, since the default at this
> point is 'stop'. Though that's my interpretation and could be wrong.
Ok, I will not use.
I just hope I will be able to find the correct syntax that fulfills my needs.
> By filtering things like 'sn' and 'cn', you're only making everything
> doubly difficult for yourself. Why don't you just start with a
> bare-bones ACL and add what you want, one thing at a time, till it
> breaks? That's the way I do it.
Ok, I will try.
> BTW, your log level gives interesting results that I haven't seen
> before. What log level is it?
loglevel 992
Thanks for your help,
Regards,
Emmanuel.