[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Short question on access-rights

Harry Rüter writes:

Hi everybody,

i'm a little unsure about how to configure access-rights
for authentication.

There are two kinds of entries that are needd for authentication :

1) id (uid,cn,..)
2) password (userPassword,lmPassword,ntPassword,...)

Which access-right do i have to set for authetication ?
Would the following be correct ?
Are there differences between v2.1.x and v2.0.x ?

access to attr=uid,cn
   by anonymous auth
   by * none

These need at least search permission, if all you have to do
is authentication (e.g. search for the DN corresponding to
some uid/cn; then try a bind for that DN with the given creds).

access to attr=userPassword,lmPassword,ntPassword by anonymous auth by * none

This is fine if nobody needs to be able to change creds.


greets Harry

Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano | mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy | http://www.aero.polimi.it/~masarati