[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticationg only on port 636

To: Thomas Cramer <cramert@musc.edu>
Subject: Re: Authenticationg only on port 636
From: Frank Swasey <Frank.Swasey@uvm.edu>
Date: Tue, 25 Nov 2003 10:42:20 -0500 (EST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <3FC27F14.9090107@musc.edu>
References: <3FC20898.70806@musc.edu> <Pine.LNX.4.58.0311241130420.30751@ebova.hiz.rqh> <3FC27F14.9090107@musc.edu>

On Mon, 24 Nov 2003 at 4:58pm, Thomas Cramer wrote:

> You are absolutely right.  That listing really wouldn't do much of
> anything.  What I meant to put was
>
> > access to *
> >         by sockurl="^ldaps:///$" auth
> >         by * read
> >         by dn="cn=Manager,o=MUSC,c=US" write
>
> Maybe my problem is understanding fully what "auth" implies.  Does it
> mean that all you can is authenticate? Or does it mean that after you
> authenticate you can read?

authenticate means authenticate.  read includes search, compare, and
authenticate -- so if you want them to be able to authenticate and read,
then give them read.

Check out:

http://www.openldap.org/faq/data/cache/453.html

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===

References:
- Authenticationg only on port 636
  - From: Thomas Cramer <cramert@musc.edu>
- Re: Authenticationg only on port 636
  - From: Frank Swasey <Frank.Swasey@uvm.edu>
- Re: Authenticationg only on port 636
  - From: Thomas Cramer <cramert@musc.edu>

Prev by Date: newbie question
Next by Date: Re: [openldap 2.1.12 + BerkeleyDb 4.1.24] db_checkpoint pb
Index(es):
- Chronological
- Thread