[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACL's and write permission.
summarising your post - heres your "active" ACL's by the looks:
access to dn.base="cn=Subschema"
by * read
access to attrs=userPKCS12
by self write
by * auth
access to attrs=shadowLastChange
by self write
by * read
access to attrs=userPassword
by dn="cn=admin,dc=sub,dc=domain,dc=xyz,dc=xy" write
by anonymous auth
by self write
by * none
access to dn.base=""
by * read
access to *
by dn="cn=admin,dc=sub,dc=domain,dc=xyz,dc=xy" write
by * read
access to dn="ou=moodleusers,dc=sub,dc=domain,dc=xyz,dc=xy"
by dn="uid=usuariomoodle-admin,dc=sub,dc=domain,dc=xyz,dc=xy" write
The rule for "usuariomoodle-admin" is inaccessable. As ACL's are only
processed until a match is found you can never get to this rule - the
preceeding rule says give read to * so the ACL will always stop there
if it hasn't been already caught by one of the others. Simple move
that last access rule above the access to * on and you should get
things moving in the right direction.
Shane.