[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Creating database, catch-22



Pierangelo Masarati wrote:
Add an ACL (either global, if there aren't any in that database, or local) that allows the identity you trust to write to that database.

Global ACLs was probably a solution. (didn't know you could that).

So if I give cn=config write access to children attribute of dc=example,dc=com, globally and write access to scope "one" (and UNIX root maps via SASL EXTERNAL to cn=config), then root will be able to ldapadd any node below dc=example,dc=com

I'll try that...

/Peter