[Date Prev][Date Next] [Chronological] [Thread] [Top]

problem with access control

I'm trying to set up an address book with ldap. I want that one user (in this case uid=bott,ou=Users,dc=campana,dc=vi,dc=it) can access the address book with password and read and write it, while any other person cannot give a look at the records.

I've tried this rule in slapd.conf:

access to dn.subtree="ou=Ottavio,ou=Rubriche,dc=campana,dc=vi,dc=it" by dn="uid=bott,ou=Users,dc=campana,dc=vi,dc=it" read by dn="uid=bott,ou=Users,dc=campana,dc=vi,dc=it" write by * none

but it doesn't work, for if a run ldapsearch anonymously I can get all the infos of the address book.

What's wrong with it?

Non c'è più forza nella normalità, c'è solo monotonia.