[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Help with ACL

To: Russell Premont <rpremont@intellistar.net>
Subject: Re: Help with ACL
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 12 Apr 2003 08:26:59 +0200
Cc: "openldap-software@OpenLDAP. "org <openldap-software@OpenLDAP.org>
In-reply-to: <NCEPLBOPLCHEALOKPGBGAEJBDLAA.rpremont@intellistar.net>
Organization:
References: <NCEPLBOPLCHEALOKPGBGAEJBDLAA.rpremont@intellistar.net>

fre, 11.04.2003 kl. 18.52 skrev Russell Premont:

> I am trying to set an access list that only allows rootmn access to read or
> write to ldap. Here is what I have in my slapd.conf.
> 
> access to *
>         by cn=rootmn,o=mydomain,c=US write
> 
> Since this kicks out the error above, I know it is wrong. Can someone tell
> me my mistake and I am new to ldap and I picked up the O'Reilly hoping for
> more in depth information on ldap. Can someone point me to some good
> resources for ldap that explain it starting at a beginners level.

Does it *really* have that in the book???

access to *
        by dn="cn=rootmn,o=mydomain,c=US write"

Quite another thing is, that the server won't know it's root unless he
authenticates first, for example - before the above:

access to dn="o=mydomain,c=US write"
	attr=userPassword
	by self write
	by anonymous auth

Now check that with the book and report back if the book says something
else ;)

Best,

Tony

-- 

Tony Earnshaw

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Follow-Ups:
- Re: Help with ACL
  - From: Tony Earnshaw <tonni@billy.demon.nl>

References:
- Help with ACL
  - From: "Russell Premont" <rpremont@intellistar.net>

Prev by Date: Re: OpenLDAP and VCARDs
Next by Date: Re: Quoting Spaces in DN, again
Index(es):
- Chronological
- Thread