[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: simple acl

To: Openldap list <openldap-software@OpenLDAP.org>
Subject: Re: simple acl
From: Tony Earnshaw <tonye@billy.demon.nl>
Date: Fri, 25 Jun 2004 13:38:12 +0200
In-reply-to: <11742.1088075837@www15.gmx.net>
Organization: Billy
References: <34336.131.175.154.56.1087997073.squirrel@131.175.154.56> <11742.1088075837@www15.gmx.net>

tor, 24.06.2004 kl. 13.17 skrev Mario Ohnewald:
[...]

> Here is my acl:
> 
> ## Auth users
> access to attr=userPassword
>  by self write
>  by anonymous auth
>  by * none
> 
> ## Full Admin Access
> access to *
>  by self write
>  by dn="cn=admin,o=addressbook,dc=example,dc=net" write
>  by * read
> 
> ## room1 admin access limited to ou=room1
> access to dn="ou=room1,o=addressbook,dc=example,dc=net"
>  by self write
>  by dn="cn=room1_admin,ou=room2,o=addressbook,dc=example,dc=net" write
>  by * read
> 
> ## room2 admin access limited to ou=room1
> access to dn="ou=room2,o=addressbook,dc=example,dc=net"
>  by self write
>  by dn="cn=room2_admin,ou=room2,o=addressbook,dc=example,dc=net" write
>  by * read
> 
> Now when i want to log in with evolution, evolution crashes.
> Am i using nonsense rules which makes it crash or whats going on here?
[...]

Your rules are fine to be going on with; you're learning fast and will
want to "sharpen" them up later. Quite another thing is, that you don't
say what version of Evolution you use. >= 1.4 works perfectly with
Openldap (you can even do administration), shouldn't crash, but you have
to use the evolutionperson.schema for full support.

--Tonni

-- 

We make out of the quarrel with others rhetoric
but out of the quarrel with ourselves, poetry.

mail: tonye@billy.demon.nl
http://www.billy.demon.nl

References:
- Re: simple acl
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: simple acl
  - From: "Mario Ohnewald" <mario.Ohnewald@gmx.de>

Prev by Date: Re: Using OpenLDAP
Next by Date: solaris 8 client can't contact openldap server
Index(es):
- Chronological
- Thread