[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: acl's and the userpassword field

> >        by self         write
> >        by dn="cn=managaer, dc=phy,dc=duke,dc=edu" write
>                             ^
> Likewise with this by clause.  Also, check spelling of 'managaer'.
Damn spell checker  :)

> compare effects LDAP compare operations, not LDAP bind operations.
> I generally recommend something like:
> access to attr=userPassword
> 	by self write
> 	by dn="cn=manager,dc=sld,dc=tld"
 don't you need a permission here? or is it assumed as ALL if its not

> 	by * none