[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: phpldapadmin and openldap
--On Thursday, June 09, 2011 5:45 PM -0500 Juan Diego Calle
<juandiego.calle@soportelibre.com> wrote:
I added this to the slapd.conf, but it didn't work.
access to *
by self write
by users read
by anonymous read
by * none
access to dn="ou=People,dc=iess,dc=gob,dc=ec" attrs=children,entry
by
group/groupOfNames/member="cn=MiniAdmins,ou=Group,dc=iess,dc=gob,dc=ec"
write
Please read the slapd.access(5) man page very carefully. ACLs are
processed in the order that they match.
access to * by <...>
matches everything. Therefore the second ACL will never be processed.
You may want to make it something like
access to dn="ou=People,dc=iess,dc=gob,dc=ec" attrs=children,entry
by
group/groupOfNames/member="cn=MiniAdmins,ou=Group,dc=iess,dc=gob,dc=ec"
write
by * break
access to *
by self write
by users read
by anonymous read
by * none
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration