[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL Question



Hi,

I have the following in my slapd.conf:

access to dn.subtree="cn=log"
 by group/groupOfNames/Member="cn=ldap-admins,ou=Group,dc=soe,dc=ucsc,dc=edu" read

However, anyone (even unbound anonymous users) can access cn=log without any problems.  I don't want anyone but ldap-admins to be able to access this subtree.

I'm thinking that I must be missing something really simple here.  Am I doing something wrong?  Any help is greatly appreciated.

Tim Gustafson
BSOE Webmaster
UC Santa Cruz
tjg@soe.ucsc.edu
831-459-5354