[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticationg only on port 636



You are absolutely right. That listing really wouldn't do much of anything. What I meant to put was

access to *
        by sockurl="^ldaps:///$" auth
        by * read
        by dn="cn=Manager,o=MUSC,c=US" write

Maybe my problem is understanding fully what "auth" implies. Does it mean that all you can is authenticate? Or does it mean that after you authenticate you can read?


==
tc


Frank Swasey wrote:

Today at 8:33am, Thomas Cramer wrote:



access to *
by * read
by sockurl="^ldaps:///$" auth
by dn="cn=Manager,o=MUSC,c=US" write



Let's see... this says:

For all attributes:
  Everyone can read their value
  If you used the url ldaps:///... you can ONLY get AUTH access
  If you are the manager, you have full access

Hmm, methinks it's doing exactly what you told it -- not what you
wanted, but that's the failure of the DWIM processor.... ;-)