No, I believe that openLDAP looks at the ACLS and finds the first one that matches, and then stops. Therefore, if I put that rule before the other one,
True by default, eg control="stop" implicitly. But you could modify that rule:
by * none continue
to (basically) tell the ACL parser that there's more to come. See slapd.access(5).
There is also "by * break"
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
"These censorship operations against schools and libraries are stronger than ever in the present religio-political climate. They often focus on fantasy and sf books, which foster that deadly enemy to bigotry and blind faith, the imagination." -- Ursula K. Le Guin