[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Writing an ACL for Anonymous Searches

To: openldap-software@openldap.org
Subject: Re: Writing an ACL for Anonymous Searches
From: Adam Tauno Williams <adamtaunowilliams@gmail.com>
Date: Tue, 02 Oct 2007 11:48:58 -0400
In-reply-to: <BAY102-F31DB35EB4211794D182FA1B2AE0@phx.gbl>
References: <BAY102-F31DB35EB4211794D182FA1B2AE0@phx.gbl>

> I am new to ldap and ACL but I need to write an ACL that will prevent 
> anonymous (cn=everyone?) users from viewing (read?) members of a certain 
> group (e.g. cn=restricted_group,ou=groups,o=xxx) in their search/dump 
> results. Any help or pointer to documentations is much appreciated. Thanks.

Grant write and/or read access to authenticated "users" and anonymous
users are implicitly denied access. 

This is explained in the slapd-access man page.  Be sure to use a man
page appropriate to your version of OpenLDAP.

-- 
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

References:
- Writing an ACL for Anonymous Searches
  - From: "Julius Squeezer" <kriid@hotmail.com>

Prev by Date: Writing an ACL for Anonymous Searches
Next by Date: ACL to bind groups from a IP
Index(es):
- Chronological
- Thread