[Date Prev][Date Next] [Chronological] [Thread] [Top]

Openldap access control file

> There is another question about openldap. I want to allow user himself
> and the administrator group user to modify the attributes. But only the
> dn=".*,ou=dev,dc=abc,dc=com" users can edit this attributes. Follow is
> the access control in slapd.conf file.
> But when I could not modify or search through a ldap browser unless I
> remove the attrs=sn,cn,userPassword,mail line.
> Can access control in ldap allow multiple control rule??
> access to dn=".*,ou=dev,dc=abc,dc=com"
>     attrs=sn,cn,userPassword,mail
>         by self write
>         by group="cn=administrator,ou=dev,dc=abc,dc=com" write
>         by dn="(.*),ou=dev,dc=abc,dc=com" read
>         by anonymous auth
>         by * none

Chat with friends online, try MSN Messenger: Click Here