
Re: ACL for userPassword problems



according to the openldap admin guide, giving access to attributes with
attrs="bla" is not enough. you have to define to which entries the
access rule applies.

try this acl:

access to "dn=.*" attrs=userPassword
     by self write
     by dn="uid=.*,ou=CIAdmin,dc=..,dc=cordoors,dc=com" write
     by anonymous auth
     by * none

tom.

On Fri, 2002-02-15 at 00:28, Christine Robertson wrote:
> Greetings all,
> 	We are running OpenLDAP 2.0.19 (the port to FreeBSD), and
> I seem to have broken my ACL for the userPassword attribute.  The
> ACL is:
> access to attrs=userPassword
>     by self write
>     by dn="uid=.*,ou=CIAdmin,dc=..,dc=cordoors,dc=com write
>     by anonymous auth
>     by * none
> 
> but I cannot see the attribute with ldapsearch binding either as
> the entry itself or as the root DN.  
> 
> Any thoughts on why would be much appreciated.
> 
> --Chris Robertson
> Corinthian Engineering, Sydney, Australia
-- 

Thomas Hager                  | "Microsoft is not the answer.
Technical Product Development |  Microsoft is the question.
thomas.hager@1012surf.net     |  NO is the answer."
http://www.telering.at        |          Erik Naggum.
