[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with olcAccess



--On Saturday, September 22, 2012 2:47 PM +0200 Tobias Hachmer <lists@kokelnet.de> wrote:

Hello list,

I simply trying to add an olcAccess entry to the config backend.

here the file contents:

dn: olcDatabase={1}hdb,cn=config
changeType: modify
add: olcAccess
olcAccess: to dn.subtree="ou=public,ou=addressbook,dc=example,dc=com" by
users write

What I've get after adding this to the backend is:

olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
dn="cn=a
  dmin,dc=example,dc=com" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=example,dc=com" write
by *
   read
olcAccess::
ezN9dG8gZG4uc3VidHJlZT0ib3U9cHVibGljLG91PWFkZHJlc3Nib29rLGRjPWtva2
  VsbmV0LGRjPWRlIiBieSAqIHdyaXRlIA==

What's going on here, what did I wrong, I didn't get it yet. Please help
me.

Your ACL will never be applied, as it comes after {2}, which covers "*".

You should have made it:

olcAccess: {1}to dn.subtree="..........."

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration