[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.1 and ACL

To: "Tony Earnshaw" <tonni@billy.demon.nl>
Subject: Re: OpenLDAP 2.1 and ACL
From: "Emmanuel Blot" <emmanuel.blot@free.fr>
Date: Sat, 1 Feb 2003 20:54:09 +0100
Cc: <openldap-software@OpenLDAP.org>
References: <016801c2ba8c$5f5cf2f0$0f06a8c0@oulx> <HBF.20030113kanr@bombur.uio.no><013f01c2bfe5$fa31f830$0f06a8c0@oulx> <HBF.20030121c88n@bombur.uio.no> <0ad801c2c588$d25cb3b0$0f06a8c0@oulx> <1043670061.5828.55.camel@localhost> <0d8701c2c65d$50973460$0f06a8c0@oulx> <1043743188.16001.49.camel@localhost>

> Dunno, I'm afraid. I don't use this and don't know anyone else who does.
> 'man slapd.access' would seem to indicate that by doing this, you are
> also blocking access to the entry's children, since the default at this
> point is 'stop'. Though that's my interpretation and could be wrong.

Ok, I will not use.
I just hope I will be able to find the correct syntax that fulfills my needs.
 
> By filtering things like 'sn' and 'cn', you're only making everything
> doubly difficult for yourself. Why don't you just start with a
> bare-bones ACL and add what you want, one thing at a time, till it
> breaks? That's the way I do it.

Ok, I will try.

> BTW, your log level gives interesting results that I haven't seen
> before. What log level is it?

loglevel 992

Thanks for your help,

Regards,
Emmanuel.

Prev by Date: Fwd: main: TLS init def ctx failed: 0
Next by Date: Multiple following spaces
Index(es):
- Chronological
- Thread