[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACL problem in slapd.conf
Jonathan Clarke wrote:
2) You can enable loglevel acl in your configuration file and check the
logs to see which rules are being used.
I hope this helps. If you have further questions, don't hesitate to post
back here with your full set of ACLs, and information on the version of
slapd you're using.
I think I have it working with changing this set of ACLs:
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by anonymous auth
by * none
access to *
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by * read
to this:
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by anonymous auth
by * none
access to dn.subtree="ou=Users,dc=example,dc=com"
by dn="uid=Operator,ou=Users,dc=example,dc=com" write
by * read
by self write
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by anonymous auth
by * none
access to dn.subtree="ou=Groups,dc=example,dc=com"
by dn="uid=Operator,ou=Users,dc=example,dc=com" write
by * read
by self write
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by anonymous auth
by * none
access to *
by dn="uid=replica,ou=Users,dc=example,dc=com" write
by * read
And I think I should comment out "by anonymous auth" from the two
entries I added...
--
Tomasz Chmielewski
http://wpkg.org