[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.1 and ACL

To: "Peter Marschall" <peter.marschall@mayn.de>
Subject: Re: OpenLDAP 2.1 and ACL
From: "Emmanuel Blot" <emmanuel.blot@free.fr>
Date: Sun, 2 Feb 2003 23:37:22 +0100
Cc: <openldap-software@OpenLDAP.org>
References: <016801c2ba8c$5f5cf2f0$0f06a8c0@oulx> <1043743188.16001.49.camel@localhost> <005201c2caef$c728f5a0$0f06a8c0@oulx> <200302022106.55408.peter.marschall@mayn.de>

> access to *
> by * read

Yes, it works.
The problem is that if this line does not appear at the end of the file, I get the 'entry'
attribute issue.
Is this rule always required ?

I'm frightened to forget one of the above rules in the ACL definition and that some important
attributes could therefore be read by anyone...

I've tried to reduce this final rule to

access to *
  by * search

and it fails.

Thanks,
Emmanuel.

Follow-Ups:
- Re: OpenLDAP 2.1 and ACL
  - From: Mitrana Cristian <cmitrana@xnet.ro>

References:
- Re: OpenLDAP 2.1 and ACL
  - From: "Emmanuel Blot" <emmanuel.blot@free.fr>
- Re: OpenLDAP 2.1 and ACL
  - From: Peter Marschall <peter.marschall@mayn.de>

Prev by Date: Re: How to change the login look up order with LDAP?
Next by Date: Re: Looks like a bug 8'(
Index(es):
- Chronological
- Thread