[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: root-only configuration
Carl Johnstone writes:
>Peter Mogensen wrote:
>> Is it in anyway possible to set up cn=config, so only root on the host
>> can make changes?
>
> You probably want a peername ACL.
Or authz-regexp.
authz-regexp
^gidNumber=[0-9]*[+]uidNumber=0,cn=peercred,cn=external,cn=auth$
cn=admin
database config
rootdn cn=admin
(The [] is because + is a special regexp character and I never remember
how many backslashes I need for quoting in slapd.conf.)
--
Hallvard