[Date Prev][Date Next]
Re: Hiding userPassword and other attributes from anonymous LDAPclients (such as Eudora)
On Fri, 13 Oct 2000, Rudolf Nottrott, NCEAS wrote:
> Thanks Patrick, for your examples.
> I did a lot of experimenting yesterday and found that the following works
> for hiding the password, although I still don't really understand how:
> defaultaccess read
> access to attr=userPassword
> by * search
> access to * by self write
> Taken as plain English, "access to attr=userPassword" suggests the opposite
> of hiding to me, but it hides the password alright.
access to attr=userpassword
by self write
by * compare
Means: Access to user to write (implies read) and
access for the others only compare.
German Poo Caaman~o