[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL Question

To: Jonathan Clarke <jclarke@linagora.com>
Subject: Re: ACL Question
From: Tim Gustafson <tjg@soe.ucsc.edu>
Date: Wed, 4 Feb 2009 08:39:06 -0800 (PST)
Cc: openldap-software@openldap.org
In-reply-to: <4988DC23.9030602@linagora.com>

> Similarly, other ACLs after this one may grant access to cn=log.
> Your current ACL only grants read access to the group ldap-admins.
> It doesn't specify rights for other users. Explicitly deny access
> to others like this

I tried that as well and got the same result.  Also, the man page says that each "access to" stanza is implicitly terminated by a "by * none", so specifying this seems to be unnecessary.

But in either case, that also didn't work.  I'm working on upgrading my OpenLDAP to the 2.4 branch so that it's not so old anymore, and once I've got that done I'll try again.  I'm wondering if the problems I'm encountering have to do with using an older version of the software.

Tim Gustafson
BSOE Webmaster
UC Santa Cruz
tjg@soe.ucsc.edu
831-459-5354

Follow-Ups:
- Re: ACL Question
  - From: Jonathan Clarke <jclarke@linagora.com>

References:
- Re: ACL Question
  - From: Jonathan Clarke <jclarke@linagora.com>

Prev by Date: Re: ACL Question
Next by Date: synrcrepl "be_modify failed (80)"
Index(es):
- Chronological
- Thread