[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: help with ACL



At 04:13 PM 10/25/99 -0600, Giri Raichur wrote:
>1. Disable anonymous access (NULL bind entry)

Set default access to none and add:
	by dn="" none

as the first who clause to every access directive.

>2. allow only authorized users to view cn=config and cn=monitor

	access to dn="^cn=(config|monitor)$" by
		by dn=".+" read
		by * none

You can replace ".+" will a regular expression which matches
the normalized DN of authorized users.  

See also: http://www.openldap.org/software/man.cgi?query=re_format

	Kurt

----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>