Could some expert point out possible stupid mistakes in the following
ACLs? The intention of the first block is to allow
uid=user,ou=People,o=CWI INS,c=NL to change the separate password for
uid=user,ou=Mail Users,ou=Services,o=CWI INS,c=NL; the second block is
to allow simple bind to other dn's and the third block to allow access
via LDAPS from the outside.
Thanks a lot in advance for any advice,
Hein
access to dn="uid=([^,]+),ou=Mail Users,ou=Services,o=CWI INS,c=NL"
attribute=userPassword
by anonymous auth
by self write
by dn="uid=$1,ou=People,o=CWI INS,c=NL" write
by * none
access to attribute=userPassword
by anonymous auth
by self write
by * none
access to *
by users read
by domain=".*\.cwi\.nl" read
by * none
Attachment:
signature.asc
Description: This is a digitally signed message part