[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL resolving


does slapd resolve the ACLs only at start time?

I have following ACL defined:

access to *
        by group/groupOfUniqueNames/uniqueMember="cn=admins,dc=example,dc=com" write
        by * read

which should allow only members of the group cn=admins write access to the whole directory. Others may only read.

The group looks like this:

dn: cn=admins,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: admins
description: LDAP administrators
uniqueMember: cn=manager,dc=example,dc=com
uniqueMember: uid=chris,ou=user,dc=example,dc=com

If I add a member to the group, it seems that I have to restart slapd to allow the new member write access to the directory. Is this correct or am I missing something?


phone: +49 6898/10-4987
web  : www.saarstahl.de
mail : Hofstattstraße 106a
       D 66333 Voelklingen