[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: sasl UID mapping
Hi Quanah,
On Sat, 17 Jan 2004, Quanah Gibson-Mount wrote:
> Paul,
>
> I'm going to give you a helping hand. :)
Actually, I was already using some of your other posts to the lists
as reference (well, perhaps not yours, but definitely
from stanford.edu). :)
> Here's the beginning of our ACL file that allows this to happen without given
> read access:
>
> # $Id: slapd.acl,v 1.124 2003/12/18 03:16:42 quanah Exp $
> # ACL include file for slapd
> #
>
> access to dn.base=""
> by * read
ok, had this.
> access to dn.base="cn=monitor"
> by * read
What is this for?
> access to *
> by group.base="cn=ldapAdmin,cn=Applications,dc=stanford,dc=edu"
> sasl_ssf=56 read
> by * break
Woudlnt this then prevent group.base="cn=ldapAdmin,cn=Applications,dc=stanford,dc=edu"
gainning any other permissions, eg write? Or do you have other more
specific ACLs previous to this ACL?
> access to attrs=krb5PrincipalName,member,suseasstatus
> by anonymous compare
> by * break
This i have.
> access to attrs=entry
> by * read
>
> --Quanah
Thanks!
regards,
--
Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam@dishone.st
Fortune:
There's something different about us -- different from people of Europe,
Africa, Asia ... a deep and abiding belief in the Easter Bunny.
-- G. Gordon Liddy