[Date Prev][Date Next] [Chronological] [Thread] [Top]

Authenticated users can create new entries but then only creator can modify entry

To: openldap-software@openldap.org
Subject: Authenticated users can create new entries but then only creator can modify entry
From: <fathi.engineer@gnet.tn>
Date: Tue, 5 Aug 2008 22:16:21 +0200 (CEST)

Hi, 

In the proccess of setting up an openldap server as a pgp key server, I want to grant access to every authenticated user to create a new entry in a subtree of the basedn and every body to read entries in that subtree but only creator to be able to modify his entries. 

I tried with the following (unsuccessfully): 

access to dn.children="ou=PGP Keys,o=SNCFT,c=TN" 
       by dn.regex="^uid=([^,]+),(ou=[^,]+,)+ou=Users,o=SNCFT,c=TN$" selfwrite 
       by dn.regex="^uid=([^,]+),ou=Users,o=SNCFT,c=TN$" write 
       by * read 

and also 
       by dnattr=owner selfwrite 
       by users write 
       by * read 

but none worked. 

I am running openldap-2.3.27-8.el5_2.4 
TIA 
Fathi B.N.

Prev by Date: delta-syncrepl only replicates some data (attempting N-way master)
Next by Date: strange bind error
Index(es):
- Chronological
- Thread