[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: adding access control for replication user
On Sun, 18 Apr 2004, Pierangelo Masarati wrote:
> > Thanks that does make things work, I did in fact have something similar
> > exept it was more like ...
> >
> > access to attrs=userPassword
> > by dn="<your replicator's DN>" write
> > by self write
> > by * auth
>
> Likely you added a last directive of the form
> access to *
> by dn.exact="<your replicator's DN>" write
>
> This by default implies that anonymous users can't read "*".
>
> If your intention is that everything that's not explicitly
> protected by ACLs must be readable by all including anonymous,
> then add a last directive of the form
>
> access to *
> by dn.exact="<your replicator's DN>" write
> by * read
>
rats when I run ldapsearch -x it still will not work.
Here is my acl
<snip>
access to dn="" by * read
access to *
by self write
by users read
by anonymous auth
by dn.exact="UID=REPLICATOR,OU=ADMINS,O=HOMETOWN" write
by * read
</snip>