[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL's

To: Rob Byrne - Sun Microsystems <rbyrne@france.sun.com>, openldap-general <openldap-general@OpenLDAP.org>
Subject: Re: ACL's
From: Joe Garcia <jgarcia@gnncast.net>
Date: Fri, 16 Jul 1999 10:14:13 -0400
References: <378E4738.EBF324B7@gnncast.net> <378EDC29.74D290A4@france.sun.com>

Hey Rob,

	I did this, yet I still cannot log on...here is what a typical ldap
entry looks like, some of the attributes are for qmail with the ldap
patches.

dn: uid=akel, o=Greenberg News Networks, c=US
cn: Annette Akel
sn: Akel
objectClass: top
objectClass: person
objectClass: qmailUser
mail: akel@gnncast.net
mailMessageStore: gnnmail/akel/
uid: akel
deliveryMode: normal
userPassword: {crypt}8.dm56sH439sw

Yet everytime I try to get info from the server with Netscape I get this
in response

Mail id invalid or not unique, cannot resolve to directory authorization
entry.

Any idea??

Joe
 


Rob Byrne - Sun Microsystems wrote:
> 
> Joe,
> 
> You want to disallow anonymous access to your server ie. everyone
> is forced to bind to the server befere having the right to see anything.
> This means changing the ACLs to disallow any anonymous access--so remove
> anything that has "*" in the "by" clause of the ACLs.  Also, don't forget
> to set
> the default ACL to "none".
> 
> Rob.
> 
> Joe Garcia wrote:
> 
> > How would I create an access list so that no information is shown until
> > the person sucessfully logs on??  As in they need to enter a valid uid
> > and password before they can get on.

Follow-Ups:
- Re: ACL's
  - From: Jeff Clowser <jclowser@aerotek.com>

References:
- ACL's
  - From: Joe Garcia <jgarcia@gnncast.net>

Prev by Date: Re: ldap package header format
Next by Date: Re: ACL's
Index(es):
- Chronological
- Thread