[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Limiting attributes through ACL
Dan Ciarniello wrote:
> I am trying to set up OpenLDAP to return all attributes for a given set
> of entries when accessed by an authenticated user but only a subset of
> the attributes when accessed anonymously but I can't figure out how to
> set up the ACL to do this.
>
> As an example, I have a directory entry ou=People with a number of
> inetOrgPerson subentries. When accessed anonymously, I would like only
> the cn attribute of the entries to be returned. Is this possible? If
> so, how do I set it up?
# anyone can see the cn of inetOrgPersons
access to filter="(objectClass=inetOrgPerson)" attrs=cn
by * read
# only users can see anything else of inetOrgPersons
access to filter="(objectClass=inetOrgPerson)"
by users read
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
---------------------------------------