[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL and ObjectClass

To: Gessy Caetano da Silva Junior <listas_gessy@yahoo.com.br>
Subject: Re: ACL and ObjectClass
From: Aleksandar Milivojevic <amilivojevic@pbl.ca>
Date: Thu, 05 May 2005 10:44:05 -0500
Cc: openldap-software@OpenLDAP.org
In-reply-to: <4279FDF1.5050105@yahoo.com.br>
References: <4279FDF1.5050105@yahoo.com.br>
User-agent: Mozilla Thunderbird 1.0.2-1.4.1.centos4 (X11/20050323)

Gessy Caetano da Silva Junior wrote:

access to attrs=!posixAccount
    by * read
Only the attributes required and/or allowed by objectClass posixAccount would be readed by anyone, right? I tried this but it not work.

You missed a "not" word from the man page. With above, you denied access to all posixAccount attributes to everybody. What you want is "attrs=@posixAccount".

--
Aleksandar Milivojevic <amilivojevic@pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

References:
- ACL and ObjectClass
  - From: Gessy Caetano da Silva Junior <listas_gessy@yahoo.com.br>

Prev by Date: Re: ldap_set_option
Next by Date: ldapsearch command help
Index(es):
- Chronological
- Thread