ACL Confusion



I have been playing with ACLs all day, and cannot seem to figure
out why the following ACLs:

access to attribute=userpassword
        by self write
        by anonymous auth
        by * none

access to dn.subtree="ou=contacts,dc=test,dc=com"
        by group="cn=Directory Managers,ou=Groups,dc=test,dc=com" write
        by self write
        by * none

allow anonymous binds? The following search works for some reason:

ldapsearch -x -D "" -b "dc=test,dc=com" '(objectclass=*)'

From reading and rereading the access list info on openldap.org, this
shouldn't work. I must be doing something stupid.

Thanks for any insight,
Ryan
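
Added example, not part of the original post: a simplified Python model of first-match ACL evaluation applied to the two access directives above, showing which requests neither directive covers. It is not slapd's code; the entry DNs in the usage are constructed, and the `fallback` argument (what the server grants when no directive matches, which depends on the slapd version and configuration) is an assumption.

```python
# Simplified model of first-match ACL evaluation (illustrative, not slapd code).
# RULES mirrors the two "access to" directives quoted in the post.
RULES = [
    ({"attr": "userpassword"},
     [("self", "write"), ("anonymous", "auth"), ("*", "none")]),
    ({"subtree": "ou=contacts,dc=test,dc=com"},
     [("group", "write"), ("self", "write"), ("*", "none")]),
]

def norm(dn):
    """Lower-case a DN and strip spaces around its components."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def what_matches(what, entry_dn, attr):
    """Does the <what> part of a directive cover this entry/attribute?"""
    if "attr" in what and what["attr"] != attr.lower():
        return False
    if "subtree" in what:
        base, entry = what["subtree"], norm(entry_dn)
        if entry != base and not entry.endswith("," + base):
            return False
    return True

def who_matches(who, bind_dn, entry_dn, group_members):
    """Does a <who> clause apply to the requester?"""
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn == ""
    if who == "self":
        return bind_dn != "" and norm(bind_dn) == norm(entry_dn)
    if who == "group":
        return norm(bind_dn) in group_members
    return False

def access(bind_dn, entry_dn, attr, fallback, group_members=frozenset()):
    """Return (level, source) for one attribute of one entry.

    fallback: level assumed when no directive's <what> matches at all.
    """
    for number, (what, by_clauses) in enumerate(RULES, 1):
        if what_matches(what, entry_dn, attr):
            for who, level in by_clauses:
                if who_matches(who, bind_dn, entry_dn, group_members):
                    return level, f"rule {number}"
            return "none", f"rule {number}"  # no <who> clause matched
    return fallback, "fallback"

if __name__ == "__main__":
    # Anonymous (-D "") reading the search base entry: neither directive applies.
    print(access("", "dc=test,dc=com", "objectClass", fallback="read"))
```

In this model the base entry "dc=test,dc=com" and any attribute other than userpassword outside ou=contacts are decided entirely by the fallback, not by either directive.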