[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: trouble with access control

To: Lise Didillon <ldidillon@prologue.fr>
Subject: Re: trouble with access control
From: "Dr. Harry Knitter" <harry@knitter-edv-beratung.de>
Date: Mon, 17 Apr 2006 09:27:58 +0200
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <5.1.1.6.1.20060413170455.02510ca0@localhost>
References: <5.1.1.6.1.20060413170455.02510ca0@localhost>
User-agent: KMail/1.8.2

Am Donnerstag, 13. April 2006 17:13 schrieb Lise Didillon:
> At 08:39 13/04/06 +0200, Dr. Harry Knitter wrote:
> >Hello,
> >
> >I am new with Openldap and with this list, too.
> >
> >My problem is as follows:
> >
> >I have set up an openldap server with simple bind.
> >
> >Everything works fine when using rootdn to acess my data.
> >There are several addressbooks in different dns.
> >
> >My access controls are:
> >access to *
> >         by * read
> >
> >access to dn.subtree="dc=mydoamin,dc=tld"
> >         by dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" write
> >         by * none
> 
> write instead:
> 
> access to dn.subtree="dc=mydoamin,dc=tld"
>          by dn="uid=harry,cn=users,ou=ldapconfig,dc=mydomain,dc=tld" write
>          by * none
> 
> access to *
>          by * read
> 
> because slapd finds and stops at the first rule that matches the entry,
> 


When I do this I get no access at all.

Harry

Follow-Ups:
- Re: trouble with access control
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: trouble with access control
  - From: Lise Didillon <ldidillon@prologue.fr>

Prev by Date: TLS - verifying and requiring its use
Next by Date: Re: TLS - verifying and requiring its use
Index(es):
- Chronological
- Thread