[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: slapd and permissions
Jernej Kos wrote:
Well, i am using OpenLDAP version 2.1.26, now i have even added ".regex" where
needed. But it still doesn't work :( Users still don't have write access to
their objects inside "Domains".
Now it looks like this and should be 2.1 and 2.2 compatible :P.
access to dn.regex="ou=Domains,uid=(.*),ou=Drones,dc=unimatrix-one,dc=org"
by dn="cn=root,dc=unimatrix-one,dc=org" write
by dn="cn=borgd,dc=unimatrix-one,dc=org" write
by dn.regex="uid=$1,ou=Drones,dc=unimatrix-one,dc=org" write
by * read
OK. Now you should specify what kind of write access you need and you
don't get
with this ACL. In slapd.acces(5) of 2.2 you'll find a clear description
of the
access level you need to each portion of an entry for each operation.
You should
also indicate what identity you're using; you could look at logging with
level 16 (ACL)
to see whhere in the ACL check your access fails.
p.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497