[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL issue

tir, 2002-12-03 kl. 22:09 skrev Arjen van Drie:

> I have been messing around with access control lists for a few hours now,
> and I come up with the next stuff to be able to login using ssh. To me,
> the access for anonymous to the attr=userPassword seems a bit too 
> unrestricted, and I think/hope it should be "auth" instead of "read".
> But then I cannot login.

Mess around a bit for a few days or a few weeks, and you'll be well on
your way.

Yes, it should be 'by anonymous auth', otherwise you'll have everybody
in the world reading all your users' passwords, and I don't suppose you
want that.

The reason why you can't log in, is that you haven't said what people
can have access to. You have in the ACLs below it. That's because you've
spent hours on it and should have gone to bed anyway. Go and have a beer
and begin again tomorrow.

access do dn.children="dc=zomba,dc=doobah,dc=net"
	by anonymous auth
	by self write
	by * none




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl