[Date Prev][Date Next]
Re: OpenLDAP: ACL : urgent
--On Monday, June 07, 2004 5:00 PM +0800 "Sivasakthi d/o Sivagnanam"
I have the following stru for my OpenLDAP DIT:-
ROOT has subtree A and subtree B
How do I go about setting a specific username|password for subtree B so
that only a group of users is able to read only, write only and
There's not a whole lot here to go on.
You don't lock down a tree by username/password. You set up acl's saying
what group of users (or users) have access to a tree.
access to dn.base="cn=treeB,dc=digicert,dc=com,dc=my"
by group.base="cn=usergroup,dc=digicert,dc=com,dc=my" read
by dn.base="uid=sakthi,dc=digicert,dc=com,dc=my" write
by * break
or something along those lines. I suggest reading:
to see how to do write only (since "write" implies read+write).
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html