[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Authenticationg only on port 636
On Mon, 24 Nov 2003 at 4:58pm, Thomas Cramer wrote:
> You are absolutely right. That listing really wouldn't do much of
> anything. What I meant to put was
>
> > access to *
> > by sockurl="^ldaps:///$" auth
> > by * read
> > by dn="cn=Manager,o=MUSC,c=US" write
>
> Maybe my problem is understanding fully what "auth" implies. Does it
> mean that all you can is authenticate? Or does it mean that after you
> authenticate you can read?
authenticate means authenticate. read includes search, compare, and
authenticate -- so if you want them to be able to authenticate and read,
then give them read.
Check out:
http://www.openldap.org/faq/data/cache/453.html
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God Bless Us All ===