[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: acl's and the userpassword field

To: "Kurt D. Zeilenga" <kurt@OpenLDAP.org>
Subject: Re: acl's and the userpassword field
From: Seth Vidal <skvidal@phy.duke.edu>
Date: Fri, 22 Oct 1999 13:25:58 -0400 (EDT)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <3.0.5.32.19991022100915.0094d200@localhost>

> >        by self         write
> >        by dn="cn=managaer, dc=phy,dc=duke,dc=edu" write
>                             ^
> 
> Likewise with this by clause.  Also, check spelling of 'managaer'.
thanks.
Damn spell checker  :)


> compare effects LDAP compare operations, not LDAP bind operations.
> I generally recommend something like:
> 
> access to attr=userPassword
> 	by self write
> 	by dn="cn=manager,dc=sld,dc=tld"
                                        ^^^^^^
 don't you need a permission here? or is it assumed as ALL if its not
given?

> 	by * none

-sv

References:
- Re: acl's and the userpassword field
  - From: "Kurt D. Zeilenga" <kurt@OpenLDAP.org>

Prev by Date: Re: acl's and the userpassword field
Next by Date: Re: acl's and the userpassword field
Index(es):
- Chronological
- Thread