[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Creating database, catch-22

To: Pierangelo Masarati <masarati@aero.polimi.it>
Subject: Re: Creating database, catch-22
From: Peter Mogensen <apm@mutex.dk>
Date: Wed, 16 Sep 2009 13:38:29 +0200
Cc: openldap-software@openldap.org
In-reply-to: <4AB0C09C.5060809@aero.polimi.it>
References: <4AB087E4.9010105@mutex.dk> <4AB0C09C.5060809@aero.polimi.it>
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Pierangelo Masarati wrote:

Add an ACL (either global, if there aren't any in that database, orlocal) that allows the identity you trust to write to that database.


Global ACLs was probably a solution. (didn't know you could that).

So if I give cn=config write access to children attribute ofdc=example,dc=com, globally and write access to scope "one" (and UNIXroot maps via SASL EXTERNAL to cn=config), then root will be able toldapadd any node below dc=example,dc=com


I'll try that...

/Peter

References:
- Creating database, catch-22
  - From: Peter Mogensen <apm@mutex.dk>
- Re: Creating database, catch-22
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

Prev by Date: Re: Creating database, catch-22
Next by Date: Re: Creating database, catch-22
Index(es):
- Chronological
- Thread