[Date Prev][Date Next]
Re: Access Rights in SLAPD.CONF
Earlier today, Julio Sánchez Fernández wrote:
> Ummm. I think you have to write the first one like this:
> > access to attr="userpassword"
> > by self write
> > by dn="cn=adminuser,o=My Company Name,c=US" write
> > by * compare
What's actually the purpose of "by * compare"? I mean, I'm using:
access to attr=userpassword
by self write
by * none
and authenticated binds to the directory still work without any problems.
Unfortunately the UMich SLAPD Admin guide isn't too clear on distinguishing
the differences between "none", "compare", "search", "read" and "write"
(beyond the bleedin' obvious which no doubt leaves everything open to
interpretation - not good for ACLs).