[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL

To: openldap-software@OpenLDAP.org
Subject: ACL
From: "Fabrice Nouet" <f_nouet@hotmail.com>
Date: Thu, 02 Dec 1999 11:01:08 CET

Hello all,

My problem is resolved now and I put my solution below.
Maybe we can find a shortest solution ... !?!

I want to thank all for helping me and particularely Emmanuel Jegou, Kurt D. Zeilenga and Eric Brehier for spending time to debugging my tests.

access to dn=".*ou=User,o=Right Vision" attr=userpassword
          by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
          by dn="cn=Thierry,ou=Admin,o=Right Vision" write
          by * none

access to dn=".*ou=User,o=Right Vision"
          by dn="cn=Thierry,ou=Admin,o=Right Vision" write
          by dn="cn=Eric,ou=User,o=Right Vision" read
          by * none

access to dn=".*,o=Right Vision"
          by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
          by * none

- The admin Fabrice has access to write and read all entries below "o=Right Vision" - The admin Thierry has access to write and read all entries below "ou=User,o=Right Vision" - The user Eric has access to read all entries below "ou=User,o=Right Vision" but not the userpassword attribut - The user Pascal has no access

Below two examples of commands:

ldapsearch  -D "cn=Eric,ou=User,o=Right Vision" -w ericpassword
-b "o=Right Vision" "objectclass=*"

ldapsearch  -D "cn=Fabrice,ou=Admin,o=Right Vision" -w adminfabrice
-b "o=Right Vision" "objectclass=*"

Many thanks,

Fabrice

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Prev by Date: Re: LDAP Search Filter Help
Next by Date: help needed on referrals
Index(es):
- Chronological
- Thread