[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: posixAccount entries under People
Thanks Marcel. With this ACLs, my users can't login:
access to attribute=userPassword
by dn="cn=Manager,dc=uc,dc=edu,dc=ve" write
by self write
by anonymous auth
by * none
access to *
by dn="cn=Manager,dc=uc,dc=edu,dc=ve" write
by self read
by users read
by anonymous read
by * none
With this single change, they can:
access to attribute=userPassword
by dn="cn=Manager,dc=uc,dc=edu,dc=ve" write
by self write
--> by anonymous read
by * none
access to *
by dn="cn=Manager,dc=uc,dc=edu,dc=ve" write
by self read
by users read
by anonymous read
by * none
By the way, the naming contexts in /etc/ldap.conf are declared with
scope "sub", as you can see in the following lines:
nss_base_passwd ou=People,dc=uc,dc=edu,dc=ve?sub
nss_base_shadow ou=People,dc=uc,dc=edu,dc=ve?sub
nss_base_group ou=Group,dc=uc,dc=edu,dc=ve?sub
-------M.vanDorp@wiwo.nl | Mar 28 May 2002 13:35-------
> Diego,
>
> When you place users in a sub-category under people, you are
> leaving the 'default' track. You need to tweak both ACLs and your
> client software to make things work again.
>
> Please post yoour ACLs (from slapd.conf) to be more specific to
> your question.
>
> Regards,
>
> Marcel
--
Ing. Diego A. Puertas Fernández
Analista Programador
Universidad de Carabobo RedUC
Usuario Linux #114434