[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd and permissions

Jernej Kos wrote:

Well, i would like that users would be able to add or change all objects below their "Domains".

you need to explicitly add write access to the pseudo attribute "children" of the
parent entry, and to the pseudoattribute "entry" of the entry you want to add.

See also http://www.openldap.org/faq/data/cache/189.html

Where can i get slapd.access of 2.2

In 2.2 sources; from the CVS; ...

(there is only 2.1 on openldap.org site).

On Friday 09 of April 2004 15:38, Pierangelo Masarati wrote:

OK. Now you should specify what kind of write access you need and you
don't get
with this ACL. In slapd.acces(5) of 2.2 you'll find a clear description
of the
access level you need to each portion of an entry for each operation.
You should
also indicate what identity you're using; you could look at logging with
level 16 (ACL)
to see whhere in the ACL check your access fails.

SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497