[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: schema for netscape roaming server

> maybe I should add something like :
> access to
> dn="nsLIProfilename=default,uid=*,ou=users,ou=lecentre.net,dc=lecentre,dc=net"
>           by dnattr=owner write

I had a bug in the ACL i posted (erroneous ',')

> > access to dn=".*,nsLIProfilename=.*,uid=.*,dc=metaparadigm,dc=com"
> >         by dnattr=owner write

This is what I have now:

access to dn=".*nsLIProfilename=.*,uid=.*,dc=metaparadigm,dc=com"
         by dnattr=owner write

or in your case:

          by dnattr=owner write

It should be specified before any more general ACLs so netscape profiles are not
readable by other users (otherwise they could decode the base64 encoded
passwords that Netscape stores in its preferences)

Anyway, works for me.