[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL Question

> Similarly, other ACLs after this one may grant access to cn=log.
> Your current ACL only grants read access to the group ldap-admins.
> It doesn't specify rights for other users. Explicitly deny access
> to others like this

I tried that as well and got the same result.  Also, the man page says that each "access to" stanza is implicitly terminated by a "by * none", so specifying this seems to be unnecessary.

But in either case, that also didn't work.  I'm working on upgrading my OpenLDAP to the 2.4 branch so that it's not so old anymore, and once I've got that done I'll try again.  I'm wondering if the problems I'm encountering have to do with using an older version of the software.

Tim Gustafson
BSOE Webmaster
UC Santa Cruz