[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL

To: openldap-software@OpenLDAP.org
Subject: ACL
From: "Fabrice Nouet" <f_nouet@hotmail.com>
Date: Wed, 01 Dec 1999 17:09:20 CET

With your recommandations I tried something else....
really strange


I have now only one line which is:

access to dn=".*ou=User,o=Right vision" attr=userpassword
          by dn="cn=Thierry,ou=Admin,o=Right Vision" read
          by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
          by * none

I am waiting for the following result: - Fabrice has access to write and read all entries below ou=User,o=Right Vision - Thierry can read all entries below ou=User,o=Right Vision - The other users read all entries below ou=User,o=Right Vision but not the userpassword attribut below


but when I run the command

ldapsearch -D "cn=Thierry,ou=Admin,o=Right Vision" -w password -b "o=Right Vision" "objectclass=*"

I see all entries in my base and not entries below ou=users,...

same comportment for Fabrice
with eric I can see all entries without the userpassword attribut

It is the same thing when I put a comma like this

access to dn=".*,ou=User,o=Right vision" attr=userpassword  ....


Now if I try to add :

defaultaccess none

no entry displayed for all users .....


I really do not understand !

Is someone has an idea ?

Many thanks,
Fabrice

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Follow-Ups:
- Re: ACL
  - From: Emmanuel JEGOU <Emmanuel.Jegou@naonet.fr>

Prev by Date: RE: Where does slapd's database live ?
Next by Date: Re: Where does slapd's database live ?
Index(es):
- Chronological
- Thread