[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: allow users to add an auxiliary objectClass to their own entry

Hallvard B Furuseth wrote:

See 'man slapd.access':

access to attrs=objectClass val=foobarClass  by self write  by * read

(Or replace 'by * read' with 'by * none break' if other access
statements further down should specify if other users have access.)

Note that they can also remove the object class from their entires, I
don't know a way to allow add but not remove.

Thank you very much Hallvard, last time I saw slapd.access I hadn't noticed this "val" keyword.