[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problems with ACL's

To: openldap-software@OpenLDAP.org
Subject: Problems with ACL's
From: Claudia Kuhlmann <Claudia.Kuhlmann@tfa.brandenburg.de>
Date: Mon, 9 May 2005 09:49:44 +0200
Content-disposition: inline
Organization: TFA Brandenburg
User-agent: KMail/1.6.2

Hi all,
I need your help.
I have problems to create ACL's.

All users should read the attributes cn, sn, mail and telephoneNumber.
All other attributes should read by all users without the special user 
"cn=public,ou=users,ou=services,ou=xyz,o=abc,c=de". This user should only 
read the attributes cn, sn, mail, telephoneNumber.
Is this possible ??? 

My slapd.conf <snippet>:
access to attr=userPassword
        by dn="cn=Manager,ou=xyz,o=abc,c=de" write
        by self write
	by anonymous auth
        by * none

access to attr=cn,sn,mail,telephoneNumber
        by * read

access to *
        by self read
        by dn="cn=public,ou=users,ou=services,ou=xyz,o=abc,c=de" none
        by users read

I'm using openLDAP 2.2.23 on SLES 9.

Thank you in advance.

Follow-Ups:
- Re: Problems with ACL's
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: OpenLDAP Software ldap.conf sample
Next by Date: Re: Problems with ACL's
Index(es):
- Chronological
- Thread