[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: permissions (acl) for nss_ldap

To: Tarjei <tarjei@nu.no>
Subject: Re: permissions (acl) for nss_ldap
From: Craig Squires <csquires@math.mun.ca>
Date: Mon, 14 Jan 2002 13:32:51 -0330 (NST)
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <3C42FB69.6040601@nu.no>

On Mon, 14 Jan 2002, Tarjei wrote:

> >
> >
> >access to attr=objectClass
> >        by dn="your-admin-dn-here" write
> >        by * read
> >
> Interesting. So giving access to an objectclass gives the entity (DN,
> group, etc) access to all attributes under that objectclass?
>
> Tarjei
>
Well, I haven't read the source. But this seems to be what nss_ldap does,
a search for objectClass=posixAccount. It seems to be analagous to a
getpwent() system call.

Craig

-- 
........................................................................
$Id: mathdeptsysadmin,v 1.0 Mon Jan 14 13:23:19 2002 Craig Squires Exp $

References:
- Re: permissions (acl) for nss_ldap
  - From: Tarjei <tarjei@nu.no>

Prev by Date: Re: deleting ACL
Next by Date: RE: CRL
Index(es):
- Chronological
- Thread