[Date Prev][Date Next] [Chronological] [Thread] [Top]

other acl problems (ip modification)

To: openldap-software@OpenLDAP.org
Subject: other acl problems (ip modification)
From: francesco tornieri <francesco.tornieri@duke.it>
Date: Wed, 20 Feb 2002 11:38:04 +0100
Organization: duke

I'd like make a structure like :
pc slave (192.168.2.18) makes change to master (192.168.1.17) but it is ablt 
to modify subtree Scienze
pc slave (192.168.2.19) makes change to master (192.168.1.17) but it is ablt 
to modify subtree Medicina
This is my acl list:

access to attrs=userpassword,lmpassword,ntpassword
        by self write
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" none
        by dn="cn=samba,ou=Service,ou=Scienze,dc=univr,dc=it" write
        by dn="cn=samba,ou=Service,ou=Medicina,dc=univr,dc=it" write
        by * none

access to attrs=shadowlastchange,pwdlastset,mailForwardingAddress
        by self write
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by dn="cn=samba,ou=Service,ou=(.*),dc=univr,dc=it" write
        by addr="127.0.0.1|192.168.2.*" read
        by * none

access to 
attrs=pwdcanchange,pwdmustchange,acctflags,logontime,logofftime,kickofftime,smbhome,homedrive,script,profile,ntuid,rid,grouprid,uid,uidnumber,gidnumber,cn,description,workstation
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by dn="cn=samba,ou=Service,ou=(.*),dc=univr,dc=it" write
        by addr="127.0.0.1|192.168.2.*" read
        by * none

access to attrs=lpquota,lpprinted,lpdate,lpnote
        by dn="cn=lpquota,ou=Service,dc=univr,dc=it" write
        by self read
        by * none

access to attrs=mailMessageStore,mailQuota
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by self read
        by * none

access to dn="uid=[^,]+,ou=Scienze,dc=univr,dc=it"
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by addr="192.168.2.18" write
        by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
       by * none

access to dn="uid=[^,]+,ou=Medicina,dc=univr,dc=it"
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by addr="192.168.2.19" write
        by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
       by * none

access to dn="uid=[^,]+,ou=(.*),dc=univr,dc=it"
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
        by * none

access to dn="dc=univr,dc=it"
        by dn="cn=manager,dc=univr,dc=it" write
        by dn="uid=manager,ou=Service,dc=univr,dc=it" write
        by dn="cn=qmail,ou=Service,dc=univr,dc=it" read
        by addr="127.0.0.1|157.27.*.*|192.168.2.*" read
        by * none

Where is the problem?Can you help me?
Francesco

Follow-Ups:
- Re: other acl problems (ip modification)
  - From: francesco tornieri <francesco.tornieri@duke.it>

Prev by Date: RE: replication question; start_tls
Next by Date: Re: other acl problems (ip modification)
Index(es):
- Chronological
- Thread