Re: Problem with ACL
Laurent Michenaud wrote:
>
> Hi,
>
> I'm testing the howto SMTP Mail Routing using Exim and LDAP
> at http://www.bastard.net/~kos/mailrouter
> but the specified ACL does not work: when I log in with
> the uid=admin,o=top I can't write in the o=top
>
> I use openldap-2.0.23 on RedHat 7.1
>
> For the data :
> dn: o=top
> objectClass:top
>
> dn: uid=admin,o=top
> objectClass: person
> sn: admin
> cn: admin
> userPassword: test
>
> For the ACL:
> access to attr=userPassword
> by self write
> by anonymous auth
>
> # domain access
> access to dn="dc=([^,]+),o=([^,]+)"
> by dn="uid=postmaster,dc=$1,o=$2" write
> by group="cn=admin,dc=$1,o=$2" write
> by group="cn=admin,o=$2" write
> by users read
> by anonymous read
>
> # root access
> access to dn="o=([^,]+)"
> by group="cn=admin,o=$1" write
> by users read
> by anonymous read
>
> # user modifyable attributes
> access to attrs=cn,sn
> by self write
> by users read
> by anonymous read
>
> # generic access
> access to *
> by self write
> by users read
> by anonymous read
Dunno anything about that document, but I note you're using
"uid=admin,o=top" while the ACLs read "cn=admin,..."; could
this be the cause?
Pierangelo.
--
Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano | mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy | http://www.aero.polimi.it/~masarati
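
How the `by group=` clauses in the quoted ACLs are evaluated, as an added example that is not part of the original thread and is not slapd's code: a simplified Python model of first-match ACL evaluation, assuming slapd's default group object class `groupOfNames` with attribute `member`. The `cn=admin,o=top` group entry and the `description` attribute are constructed for illustration.

```python
import re

# The five ACLs quoted above as (target kind, target, by-clauses); a simplified
# model constructed for this example, not slapd's own evaluation code.
READ = [("users", None, "read"), ("anonymous", None, "read")]
ACLS = [
    ("attr", {"userpassword"}, [("self", None, "write"), ("anonymous", None, "auth")]),
    ("dn", r"dc=([^,]+),o=([^,]+)", [("dn", "uid=postmaster,dc=$1,o=$2", "write"),
        ("group", "cn=admin,dc=$1,o=$2", "write"), ("group", "cn=admin,o=$2", "write")] + READ),
    ("dn", r"o=([^,]+)", [("group", "cn=admin,o=$1", "write")] + READ),
    ("attr", {"cn", "sn"}, [("self", None, "write")] + READ),
    ("all", None, [("self", None, "write")] + READ),
]

def expand(template, match):
    # Replace $1, $2 with the groups captured by the target DN regex.
    return re.sub(r"\$(\d)", lambda m: match.group(int(m.group(1))), template)

def who_matches(who, value, bound_dn, target_dn, match, directory):
    if who == "anonymous" or bound_dn is None:
        return who == "anonymous" and bound_dn is None
    if who == "users":
        return True
    if who == "self":
        return bound_dn.lower() == target_dn.lower()
    if who == "dn":
        return re.search(expand(value, match), bound_dn, re.I) is not None
    # who == "group": the value names a group ENTRY (default groupOfNames/member);
    # the bound DN must be listed in it, whatever its own RDN looks like.
    group = directory.get(expand(value, match).lower(), {})
    return bound_dn.lower() in group.get("member", [])

def access(directory, bound_dn, target_dn, attr):
    """First matching 'access to' decides; inside it, the first matching 'by'."""
    for kind, target, clauses in ACLS:
        match = re.search(target, target_dn, re.I) if kind == "dn" else None
        if (kind == "dn" and not match) or (kind == "attr" and attr.lower() not in target):
            continue
        for who, value, level in clauses:
            if who_matches(who, value, bound_dn, target_dn, match, directory):
                return level
        return "none"  # implicit "by * none" ends every access directive
    return "none"

# Constructed directories: the two entries from the post, then the same plus a group.
POSTED = {"o=top": {}, "uid=admin,o=top": {}}
WITH_GROUP = dict(POSTED, **{"cn=admin,o=top": {"member": ["uid=admin,o=top"]}})
```

With only the two posted entries, `access(POSTED, "uid=admin,o=top", "o=top", "description")` returns `read`; once the group entry lists the bound DN as a member, the same call on `WITH_GROUP` returns `write`.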